{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-7641", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-07-14T14:52:05.902Z", "datePublished": "2025-08-15T08:25:38.365Z", "dateUpdated": "2026-04-08T16:34:05.904Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:34:05.904Z"}, "affected": [{"vendor": "48hmorris", "product": "Assistant for NextGEN Gallery", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.0.9", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Assistant for NextGEN Gallery plugin for WordPress is vulnerable to arbitrary directory deletion due to insufficient file path validation in the /wp-json/nextgenassistant/v1.0.0/control REST endpoint in all versions up to, and including, 1.0.9. This makes it possible for unauthenticated attackers to delete arbitrary directories on the server, which can cause a complete loss of availability."}], "title": "Assistant for NextGEN Gallery <= 1.0.9 - Unauthenticated Arbitrary Directory Deletion", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/07ebb176-a1f8-4a5c-8d81-a83fda4b0af3?source=cve"}, {"url": "http://plugins.trac.wordpress.org/browser/assistant-for-nextgen-gallery/trunk/nextgenassistant.php#L163"}, {"url": "https://wordpress.org/plugins/assistant-for-nextgen-gallery/"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "cweId": "CWE-22", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 7.5, "baseSeverity": "HIGH"}}], "credits": [{"lang": "en", "type": "finder", "value": "Youcef Hamdani"}], "timeline": [{"time": "2025-08-14T20:15:19.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-08-15T16:26:24.770028Z", "id": "CVE-2025-7641", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-15T16:28:38.253Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-7641", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-08-15T16:26:24.770028Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-15T16:26:40.720Z"}}], "cna": {"title": "Assistant for NextGEN Gallery <= 1.0.9 - Unauthenticated Arbitrary Directory Deletion", "credits": [{"lang": "en", "type": "finder", "value": "Youcef Hamdani"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}}], "affected": [{"vendor": "48hmorris", "product": "Assistant for NextGEN Gallery", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "1.0.9"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-08-14T20:15:19.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/07ebb176-a1f8-4a5c-8d81-a83fda4b0af3?source=cve"}, {"url": "http://plugins.trac.wordpress.org/browser/assistant-for-nextgen-gallery/trunk/nextgenassistant.php#L163"}, {"url": "https://wordpress.org/plugins/assistant-for-nextgen-gallery/"}], "descriptions": [{"lang": "en", "value": "The Assistant for NextGEN Gallery plugin for WordPress is vulnerable to arbitrary directory deletion due to insufficient file path validation in the /wp-json/nextgenassistant/v1.0.0/control REST endpoint in all versions up to, and including, 1.0.9. This makes it possible for unauthenticated attackers to delete arbitrary directories on the server, which can cause a complete loss of availability."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2025-08-15T08:25:38.365Z"}}}, "cveMetadata": {"cveId": "CVE-2025-7641", "state": "PUBLISHED", "dateUpdated": "2025-08-15T16:28:38.253Z", "dateReserved": "2025-07-14T14:52:05.902Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-08-15T08:25:38.365Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Assistant for NextGEN Gallery plugin for WordPress is vulnerable to arbitrary directory deletion due to insufficient file path validation in the /wp-json/nextgenassistant/v1.0.0/control REST endpoint in all versions up to, and including, 1.0.9. This makes it possible for unauthenticated attackers to delete arbitrary directories on the server, which can cause a complete loss of availability."}, {"lang": "es", "value": "El complemento Assistant for NextGEN Gallery para WordPress es vulnerable a la eliminaci\u00f3n arbitraria de directorios debido a una validaci\u00f3n insuficiente de la ruta de archivo en el endpoint REST /wp-json/nextgenassistant/v1.0.0/control en todas las versiones hasta la 1.0.9 incluida. Esto permite que atacantes no autenticados eliminen directorios arbitrarios en el servidor, lo que puede causar una p\u00e9rdida total de disponibilidad."}], "id": "CVE-2025-7641", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-08-15T09:15:27.927", "references": [{"source": "security@wordfence.com", "url": "http://plugins.trac.wordpress.org/browser/assistant-for-nextgen-gallery/trunk/nextgenassistant.php#L163"}, {"source": "security@wordfence.com", "url": "https://wordpress.org/plugins/assistant-for-nextgen-gallery/"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/07ebb176-a1f8-4a5c-8d81-a83fda4b0af3?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-22T14:28:55.600426+00:00", "value": {"mitigation_remediation": ["Update the Assistant for NextGEN Gallery plugin to the latest version that removes the path validation flaw.", "If an update is not immediately available, disable or delete the plugin to eliminate the vulnerable endpoint.", "Restrict access to the /wp-json/nextgenassistant/ REST API using a firewall or the WordPress REST API security plugin so that only authenticated requests can reach the control endpoint."], "summary": {"action": "Apply Patch", "impact": "Directory deletion and availability loss"}, "threat_synthesis": {"affected_systems": "WordPress sites using the Assistant for NextGEN Gallery plugin version 1.0.9 or earlier are susceptible. The vulnerability affects all releases up to and including 1.0.9 and is present in the plugin maintained by 48hmorris.", "description_and_impact": "The Assistant for NextGEN Gallery plugin for WordPress contains an insufficient file path validation flaw in its REST API endpoint /wp-json/nextgenassistant/v1.0.0/control. This flaw allows an unauthenticated attacker to instruct the server to delete arbitrary directories, leading to complete loss of functionality for the affected site. The weakness is a classic directory traversal/validation error (CWE\u201122).", "risk_and_exploitability": "The CVSS score of 7.5 indicates a high severity with potential for complete loss of availability. The EPSS score of less than 1% suggests that exploitation is currently uncommon, and the vulnerability is not listed in the CISA KEV catalog. The most likely attack vector is an unauthenticated HTTP request to the exposed REST endpoint, a path that is inferred from the description because the official documentation does not explicitly state it. Given the nature of the flaw, an attacker does not need privileged credentials, and the impact can be dramatic for a live site."}}}}, "created": "2025-08-16T21:40:48.439246+00:00", "updated": "2026-04-22T14:30:18.963562+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress"]}