{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-3812", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-04-18T18:25:34.025Z", "datePublished": "2025-05-17T05:30:34.394Z", "dateUpdated": "2026-04-08T17:06:38.908Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:06:38.908Z"}, "affected": [{"vendor": "QuantumCloud", "product": "WPBot Pro Wordpress Chatbot", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "13.6.2", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the qcld_openai_delete_training_file() function in all versions up to, and including, 13.6.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php)."}], "title": "WPBot Pro Wordpress Chatbot <= 13.6.2 - Authenticated (Subscriber+) Arbitrary File Deletion", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8fe1609d-17d6-4afe-90b2-5473dc9b6c3b?source=cve"}, {"url": "https://www.wpbot.pro/"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-73 External Control of File Name or Path", "cweId": "CWE-73", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "baseScore": 8.1, "baseSeverity": "HIGH"}}], "credits": [{"lang": "en", "type": "finder", "value": "Nguyen Tan Phat"}], "timeline": [{"time": "2025-05-16T16:36:34.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-05-19T15:39:59.314655Z", "id": "CVE-2025-3812", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-19T15:40:17.385Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-3812", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-05-19T15:39:59.314655Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-19T15:40:03.801Z"}}], "cna": {"title": "WPBot Pro Wordpress Chatbot <= 13.6.2 - Authenticated (Subscriber+) Arbitrary File Deletion", "credits": [{"lang": "en", "type": "finder", "value": "Nguyen Tan Phat"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"}}], "affected": [{"vendor": "QuantumCloud", "product": "WPBot Pro Wordpress Chatbot", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "13.6.2"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-05-16T16:36:34.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8fe1609d-17d6-4afe-90b2-5473dc9b6c3b?source=cve"}, {"url": "https://www.wpbot.pro/"}], "descriptions": [{"lang": "en", "value": "The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the qcld_openai_delete_training_file() function in all versions up to, and including, 13.6.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php)."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-73", "description": "CWE-73 External Control of File Name or Path"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:06:38.908Z"}}}, "cveMetadata": {"cveId": "CVE-2025-3812", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:06:38.908Z", "dateReserved": "2025-04-18T18:25:34.025Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-05-17T05:30:34.394Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the qcld_openai_delete_training_file() function in all versions up to, and including, 13.6.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php)."}, {"lang": "es", "value": "El complemento WPBot Pro Wordpress Chatbot para WordPress es vulnerable a la eliminaci\u00f3n arbitraria de archivos debido a una validaci\u00f3n insuficiente de la ruta de archivo en la funci\u00f3n qcld_openai_delete_training_file() en todas las versiones hasta la 13.6.2 incluida. Esto permite que atacantes autenticados, con acceso de suscriptor o superior, eliminen archivos arbitrarios en el servidor, lo que puede provocar f\u00e1cilmente la ejecuci\u00f3n remota de c\u00f3digo al eliminar el archivo correcto (como wp-config.php)."}], "id": "CVE-2025-3812", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.2, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-05-17T06:15:18.660", "references": [{"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8fe1609d-17d6-4afe-90b2-5473dc9b6c3b?source=cve"}, {"source": "security@wordfence.com", "url": "https://www.wpbot.pro/"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-73"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-21T20:45:27.548004+00:00", "value": {"mitigation_remediation": ["Update WPBot Pro to version 13.6.3 or later, which removes the insecure file deletion code", "Restrict file permissions on the WordPress installation so that the web server user cannot delete configuration files such as wp-config.php", "Audit Subscriber and higher role accounts for unusual file operations and enforce the principle of least privilege on user roles"], "summary": {"action": "Apply Patch", "impact": "Arbitrary file deletion potentially leading to remote code execution"}, "threat_synthesis": {"affected_systems": "WPBot Pro Wordpress Chatbot, produced by QuantumCloud, is vulnerable in all releases up to and including version 13.6.2. Any WordPress site that has an affected instance of this plugin installed is at risk.", "description_and_impact": "The WPBot Pro Wordpress Chatbot plugin contains a path validation flaw in the qcld_openai_delete_training_file() function that allows an authenticated user with Subscriber-level access or higher to delete any file on the server. This enables an attacker to remove critical configuration files such as wp-config.php, which can immediately result in remote code execution and full compromise of the WordPress installation. The weakness is a classic CWE-73 \"Path Traversal\" defect.", "risk_and_exploitability": "The vulnerability has a CVSS score of 8.1, indicating high severity. The EPSS score of 2% suggests a low but non\u2011negligible probability of exploitation in the near term. It is not listed in the CISA KEV catalog, so there are no known publicly documented exploits, but internal attackers or users with legitimate Subscriber access still pose a significant threat. The attack requires valid authentication within the WordPress site, so mitigating the path to user authentication and hardening file permissions are key to reducing risk."}}}}, "created": "2026-04-21T21:00:35.995516+00:00", "updated": "2026-04-21T21:00:35.995566+00:00", "vendors": []}