{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-3431", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-04-07T19:11:21.786Z", "datePublished": "2025-04-08T07:29:43.985Z", "dateUpdated": "2026-04-08T17:13:41.006Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:13:41.006Z"}, "affected": [{"vendor": "ZoomIt", "product": "ZoomSounds - WordPress Wave Audio Player with Playlist", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "6.91", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The ZoomSounds - WordPress Wave Audio Player with Playlist plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 6.91 via the 'dzsap_download' action. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information."}], "title": "ZoomSounds - WordPress Wave Audio Player with Playlist <= 6.91 - Unauthenticated Arbitrary File Download", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a78998da-1cb1-4991-95a8-a551bde04064?source=cve"}, {"url": "https://codecanyon.net/item/zoomsounds-wordpress-wave-audio-player-with-playlist/6181433"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-73 External Control of File Name or Path", "cweId": "CWE-73", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 7.5, "baseSeverity": "HIGH"}}], "credits": [{"lang": "en", "type": "finder", "value": "Mohammadamin Alidoost"}], "timeline": [{"time": "2025-04-07T00:00:00.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-04-08T13:13:46.674448Z", "id": "CVE-2025-3431", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-08T14:50:11.584Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-3431", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-04-08T13:13:46.674448Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-08T13:20:56.176Z"}}], "cna": {"title": "ZoomSounds - WordPress Wave Audio Player with Playlist <= 6.91 - Unauthenticated Arbitrary File Download", "credits": [{"lang": "en", "type": "finder", "value": "Mohammadamin Alidoost"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}}], "affected": [{"vendor": "ZoomIt", "product": "ZoomSounds - WordPress Wave Audio Player with Playlist", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "6.91"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-04-07T00:00:00.000+00:00", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a78998da-1cb1-4991-95a8-a551bde04064?source=cve"}, {"url": "https://codecanyon.net/item/zoomsounds-wordpress-wave-audio-player-with-playlist/6181433"}], "descriptions": [{"lang": "en", "value": "The ZoomSounds - WordPress Wave Audio Player with Playlist plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 6.91 via the 'dzsap_download' action. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-73", "description": "CWE-73 External Control of File Name or Path"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2025-04-08T07:29:43.985Z"}}}, "cveMetadata": {"cveId": "CVE-2025-3431", "state": "PUBLISHED", "dateUpdated": "2025-04-08T14:50:11.584Z", "dateReserved": "2025-04-07T19:11:21.786Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-04-08T07:29:43.985Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:digitalzoomstudio:zoomsounds:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "86208A5D-8246-4AAE-B510-03C5D56BC158", "versionEndIncluding": "6.91", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The ZoomSounds - WordPress Wave Audio Player with Playlist plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 6.91 via the 'dzsap_download' action. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information."}, {"lang": "es", "value": "El complemento ZoomSounds - WordPress Wave Audio Player with Playlist para WordPress es vulnerable a la lectura arbitraria de archivos en todas las versiones hasta la 6.91 incluida, mediante la acci\u00f3n 'dzsap_download'. Esto permite a atacantes no autenticados leer el contenido de archivos arbitrarios en el servidor, que pueden contener informaci\u00f3n confidencial."}], "id": "CVE-2025-3431", "lastModified": "2025-06-04T22:27:39.390", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security@wordfence.com", "type": "Primary"}]}, "published": "2025-04-08T08:15:18.447", "references": [{"source": "security@wordfence.com", "tags": ["Product"], "url": "https://codecanyon.net/item/zoomsounds-wordpress-wave-audio-player-with-playlist/6181433"}, {"source": "security@wordfence.com", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a78998da-1cb1-4991-95a8-a551bde04064?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-73"}], "source": "security@wordfence.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-20T23:20:42.762275+00:00", "value": {"mitigation_remediation": ["Upgrade the ZoomSounds plugin to a version newer than 6.91 when an update is released by DigitalZoomStudio.", "If no patch is available, consider disabling or uninstalling the plugin until the issue is resolved.", "Implement application\u2011level controls such as a web\u2011application firewall rule that blocks requests to the 'dzsap_download' action to reduce exposure."], "summary": {"action": "Immediate Patch", "impact": "Potential Disclosure of Sensitive Information"}, "threat_synthesis": {"affected_systems": "The affected product is the ZoomSounds WordPress plugin distributed by DigitalZoomStudio. All releases through version 6.91, inclusive, are impacted. WordPress sites running this plugin across any environment are at risk if the plugin remains installed at these versions.", "description_and_impact": "ZoomSounds \u2013 WordPress Wave Audio Player with Playlist is vulnerable through the 'dzsap_download' action to arbitrary file read. The flaw allows an attacker to specify any file path on the server and obtain its contents, potentially revealing confidential data such as configuration files, credentials or other sensitive documents. This vulnerability is categorized as CWE\u201173, indicating an insecure file-handling function that does not validate input properly.", "risk_and_exploitability": "The CVSS score of 7.5 classifies the issue as high severity. EPSS reports a likelihood of less than 1%, suggesting current exploitation activity is low, and the vulnerability is not yet listed in the CISA KEV catalog. Nonetheless, the flaw is reachable through unauthenticated HTTP requests to the plugin\u2019s download endpoint, meaning a web-based attacker can trigger it without additional credentials. The potential damage spans from data leakage to further compromise if sensitive files are retrieved."}}}}, "created": "2026-04-20T23:30:16.111784+00:00", "updated": "2026-04-20T23:30:16.111810+00:00", "vendors": []}