{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-2883", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-03-27T20:52:03.183Z", "datePublished": "2025-04-08T09:21:20.256Z", "dateUpdated": "2026-04-08T17:31:36.570Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:31:36.570Z"}, "affected": [{"vendor": "zealopensource", "product": "Accept SagePay Payments Using Contact Form 7", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Accept SagePay Payments Using Contact Form 7 plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0 through the publicly accessible phpinfo.php script. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed file."}], "title": "Accept SagePay Payments Using Contact Form 7 <= 2.0 - Unauthenticated Information Exposure", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ed6cbd55-0e3a-4343-9e1b-b413a132bcdd?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/accept-sagepay-payments-using-contact-form-7/trunk/inc/front/template/cfspzw-info.php#L6"}, {"url": "https://wordpress.org/plugins/accept-sagepay-payments-using-contact-form-7/#developers"}, {"url": "https://plugins.trac.wordpress.org/changeset/3266837/"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", "cweId": "CWE-200", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "baseScore": 5.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Avraham Shemesh"}], "timeline": [{"time": "2025-04-07T21:19:21.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-04-08T13:03:58.229806Z", "id": "CVE-2025-2883", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-08T13:04:15.032Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-2883", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-04-08T13:03:58.229806Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-08T13:04:07.459Z"}}], "cna": {"title": "Accept SagePay Payments Using Contact Form 7 <= 2.0 - Unauthenticated Information Exposure", "credits": [{"lang": "en", "type": "finder", "value": "Avraham Shemesh"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}}], "affected": [{"vendor": "zealopensource", "product": "Accept SagePay Payments Using Contact Form 7", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "2.0"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-04-07T21:19:21.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ed6cbd55-0e3a-4343-9e1b-b413a132bcdd?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/accept-sagepay-payments-using-contact-form-7/trunk/inc/front/template/cfspzw-info.php#L6"}, {"url": "https://wordpress.org/plugins/accept-sagepay-payments-using-contact-form-7/#developers"}, {"url": "https://plugins.trac.wordpress.org/changeset/3266837/"}], "descriptions": [{"lang": "en", "value": "The Accept SagePay Payments Using Contact Form 7 plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0 through the publicly accessible phpinfo.php script. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed file."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-200", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:31:36.570Z"}}}, "cveMetadata": {"cveId": "CVE-2025-2883", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:31:36.570Z", "dateReserved": "2025-03-27T20:52:03.183Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-04-08T09:21:20.256Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Accept SagePay Payments Using Contact Form 7 plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0 through the publicly accessible phpinfo.php script. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed file."}, {"lang": "es", "value": "El complemento Accept SagePay Payments Using Contact Form 7 para WordPress es vulnerable a la exposici\u00f3n de informaci\u00f3n confidencial en todas las versiones hasta la 2.0 incluida, a trav\u00e9s del script phpinfo.php, de acceso p\u00fablico. Esto permite que atacantes no autenticados accedan a informaci\u00f3n potencialmente confidencial contenida en el archivo expuesto."}], "id": "CVE-2025-2883", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-04-08T10:15:19.197", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/accept-sagepay-payments-using-contact-form-7/trunk/inc/front/template/cfspzw-info.php#L6"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset/3266837/"}, {"source": "security@wordfence.com", "url": "https://wordpress.org/plugins/accept-sagepay-payments-using-contact-form-7/#developers"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ed6cbd55-0e3a-4343-9e1b-b413a132bcdd?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-20T23:19:14.474998+00:00", "value": {"mitigation_remediation": ["Upgrade the Accept SagePay Payments Using Contact Form 7 plugin to a version newer than 2.0 or obtain the latest release from the official repository", "If an upgrade is not immediately feasible, move or delete the phpinfo.php file from the plugin\u2019s public directory so it can no longer be accessed via the web", "Restrict access to any remaining sensitive files by configuring .htaccess rules or WordPress-permission settings to limit visibility to authorized users only", "Consider disabling the PHPinfo functionality entirely in the server configuration to eliminate accidental exposure of server details"], "summary": {"action": "Apply Patch", "impact": "Sensitive Information Exposure"}, "threat_synthesis": {"affected_systems": "Vulnerable instances are WordPress sites that have the Accept SagePay Payments Using Contact Form 7 plugin installed at version 2.0 or earlier. The plugin is maintained by ZealOpenSource and is listed in the official WordPress plugin repository. Any site using an affected version is at risk; specific version ranges are not provided beyond the upper bound of 2.0.", "description_and_impact": "The Accept SagePay Payments Using Contact Form 7 WordPress plugin contains a sensitive information exposure flaw that lets unauthenticated attackers download the publicly accessible phpinfo.php file. The file can reveal configuration details, environment variables, database credentials, and other confidential data needed for further compromise. This vulnerability is identified as CWE\u2011200 and can lead to significant confidentiality loss with no requirement for elevated privileges.", "risk_and_exploitability": "The CVSS score of 5.3 indicates moderate severity. The EPSS score of less than 1% suggests a very low likelihood of exploitation in the wild, yet the attack does not require any authentication or complex setup. The vulnerability is not included in the CISA KEV catalog. An attacker can simply request the phpinfo.php URL and retrieve the file, so the primary attack vector is a direct HTTP request to the exposed script."}}}}, "created": "2025-07-12T15:26:07.226682+00:00", "updated": "2026-04-20T23:30:16.105336+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress"]}