{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-69375", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2025-12-31T20:13:05.451Z", "datePublished": "2026-02-20T15:46:52.069Z", "dateUpdated": "2026-04-28T20:56:34.719Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://codecanyon.net", "defaultStatus": "unaffected", "packageName": "swp-portfolio", "product": "Portfolio Builder", "vendor": "SolverWp", "versions": [{"lessThanOrEqual": "1.2.5", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Phat RiO | Patchstack Bug Bounty Program"}], "datePublic": "2026-04-01T16:03:47.456Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in SolverWp Portfolio Builder swp-portfolio allows PHP Local File Inclusion.<p>This issue affects Portfolio Builder: from n/a through <= 1.2.5.</p>"}], "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in SolverWp Portfolio Builder swp-portfolio allows PHP Local File Inclusion.This issue affects Portfolio Builder: from n/a through <= 1.2.5."}], "impacts": [{"capecId": "CAPEC-252", "descriptions": [{"lang": "en", "value": "PHP Local File Inclusion"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-98", "description": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-28T16:14:39.729Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Plugin/swp-portfolio/vulnerability/wordpress-portfolio-builder-plugin-1-2-5-local-file-inclusion-vulnerability?_s_id=cve"}], "title": "WordPress Portfolio Builder plugin <= 1.2.5 - Local File Inclusion vulnerability"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-24T20:32:15.288448Z", "id": "CVE-2025-69375", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-28T20:56:34.719Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-69375", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-02-24T20:32:15.288448Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-24T20:32:16.715Z"}}], "cna": {"title": "WordPress Portfolio Builder plugin <= 1.2.5 - Local File Inclusion vulnerability", "credits": [{"lang": "en", "type": "finder", "value": "Phat RiO | Patchstack Bug Bounty Program"}], "impacts": [{"capecId": "CAPEC-252", "descriptions": [{"lang": "en", "value": "PHP Local File Inclusion"}]}], "affected": [{"vendor": "SolverWp", "product": "Portfolio Builder", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "1.2.5"}], "packageName": "swp-portfolio", "collectionURL": "https://codecanyon.net", "defaultStatus": "unaffected"}], "datePublic": "2026-04-01T16:03:47.456Z", "references": [{"url": "https://patchstack.com/database/Wordpress/Plugin/swp-portfolio/vulnerability/wordpress-portfolio-builder-plugin-1-2-5-local-file-inclusion-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "descriptions": [{"lang": "en", "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in SolverWp Portfolio Builder swp-portfolio allows PHP Local File Inclusion.This issue affects Portfolio Builder: from n/a through <= 1.2.5.", "supportingMedia": [{"type": "text/html", "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in SolverWp Portfolio Builder swp-portfolio allows PHP Local File Inclusion.<p>This issue affects Portfolio Builder: from n/a through <= 1.2.5.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-98", "description": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-01T14:13:25.121Z"}}}, "cveMetadata": {"cveId": "CVE-2025-69375", "state": "PUBLISHED", "dateUpdated": "2026-04-01T14:13:25.121Z", "dateReserved": "2025-12-31T20:13:05.451Z", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "datePublished": "2026-02-20T15:46:52.069Z", "assignerShortName": "Patchstack"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in SolverWp Portfolio Builder swp-portfolio allows PHP Local File Inclusion.This issue affects Portfolio Builder: from n/a through <= 1.2.5."}, {"lang": "es", "value": "Control inadecuado del nombre de fichero para la declaraci\u00f3n include/require en un programa PHP, vulnerabilidad de 'inclusi\u00f3n remota de ficheros PHP' en SolverWp Portfolio Builder swp-portfolio, permite la inclusi\u00f3n local de ficheros PHP. Este problema afecta a Portfolio Builder: desde n/a hasta &lt;= 1.2.5."}], "id": "CVE-2025-69375", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-02-20T16:22:21.857", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Plugin/swp-portfolio/vulnerability/wordpress-portfolio-builder-plugin-1-2-5-local-file-inclusion-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-98"}], "source": "audit@patchstack.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.2.5]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Portfolio Builder", "source": "cna", "vendor": "SolverWp"}, "product": "portfolio_builder", "vendor": "solverwp"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-04-28T17:38:37.879372+00:00", "value": {"mitigation_remediation": ["Update the SolverWp Portfolio Builder plugin to any release newer than 1.2.5.", "If a patch is not immediately available, disable the Portfolio Builder plugin in WordPress or remove it from the active plugins list to eliminate the attack surface.", "Apply input validation or a file name whitelist to the plugin's include/require logic, restricting file inclusion to a predetermined safe directory.", "Configure a web application firewall or access control rule to block or rate\u2011limit requests targeting the plugin\u2019s file inclusion endpoints."], "summary": {"action": "Immediate Patch", "impact": "Local File Inclusion (potential remote code execution)"}, "threat_synthesis": {"affected_systems": "The flaw is present in SolverWp's Portfolio Builder plugin for all releases from the earliest available version up to and including 1.2.5. No specific version sub\u2011ranges are listed, so any installation using the plugin at or before 1.2.5 is considered vulnerable.", "description_and_impact": "The vulnerability is a classic PHP Local File Inclusion flaw caused by improper control of file names used in include/require statements, identified as CWE-98. An attacker could exploit this weakness to read arbitrary files on the server or trigger unintended PHP code execution. The CVSS score of 8.1 reflects a high severity that can compromise confidentiality, integrity, and availability of the affected WordPress site.", "risk_and_exploitability": "The EPSS score less than 1% indicates a low probability of exploitation in the wild, and the vulnerability is not listed in the CISA KEV catalog. Nevertheless, the high CVSS score signals that once discovered, an exploit could have severe impact. Based on the description, it is inferred that attackers would target the plugin by constructing requests that manipulate the file name parameter used by the include/require call, potentially from any authenticated or unauthenticated endpoint exposed by the plugin. Successful exploitation would enable reading sensitive local files or executing arbitrary PHP code within the web application context."}}}}, "created": "2026-02-23T14:37:18.297392+00:00", "updated": "2026-04-28T17:45:16.131893+00:00", "vendors": ["solverwp", "solverwp$PRODUCT$portfolio_builder", "wordpress", "wordpress$PRODUCT$wordpress"]}