{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-8422", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-07-31T15:00:11.187Z", "datePublished": "2025-09-11T07:24:52.172Z", "dateUpdated": "2026-04-08T16:47:04.848Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:47:04.848Z"}, "affected": [{"vendor": "fassionstorage", "product": "Propovoice: All-in-One Client Management System", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.7.6.7", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Propovoice: All-in-One Client Management System plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.7.6.7 via the send_email() function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information."}], "title": "Propovoice <= 1.7.6.7 - Unauthenticated Arbitrary File Read", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3ac72d7a-9540-435f-93cb-fdd4104b18f7?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/propovoice/trunk/includes/Api/Type/Email.php#L275"}, {"url": "https://plugins.trac.wordpress.org/changeset/3361482/propovoice/trunk/includes/Api/Type/Email.php"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-73 External Control of File Name or Path", "cweId": "CWE-73", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 7.5, "baseSeverity": "HIGH"}}], "credits": [{"lang": "en", "type": "finder", "value": "Michael Mazzolini"}], "timeline": [{"time": "2025-09-10T19:05:09.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-09-11T14:06:32.065811Z", "id": "CVE-2025-8422", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-11T14:40:42.031Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-8422", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-09-11T14:06:32.065811Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-11T14:06:34.807Z"}}], "cna": {"title": "Propovoice <= 1.7.6.7 - Unauthenticated Arbitrary File Read", "credits": [{"lang": "en", "type": "finder", "value": "Michael Mazzolini"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}}], "affected": [{"vendor": "fassionstorage", "product": "Propovoice: All-in-One Client Management System", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "1.7.6.7"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-09-10T19:05:09.000+00:00", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3ac72d7a-9540-435f-93cb-fdd4104b18f7?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/propovoice/trunk/includes/Api/Type/Email.php#L275"}], "descriptions": [{"lang": "en", "value": "The Propovoice: All-in-One Client Management System plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.7.6.7 via the send_email() function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-73", "description": "CWE-73 External Control of File Name or Path"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2025-09-11T07:24:52.172Z"}}}, "cveMetadata": {"cveId": "CVE-2025-8422", "state": "PUBLISHED", "dateUpdated": "2025-09-11T14:40:42.031Z", "dateReserved": "2025-07-31T15:00:11.187Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-09-11T07:24:52.172Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Propovoice: All-in-One Client Management System plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.7.6.7 via the send_email() function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information."}], "id": "CVE-2025-8422", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-09-11T08:15:33.883", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/propovoice/trunk/includes/Api/Type/Email.php#L275"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset/3361482/propovoice/trunk/includes/Api/Type/Email.php"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3ac72d7a-9540-435f-93cb-fdd4104b18f7?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-73"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-22T00:50:42.551190+00:00", "value": {"mitigation_remediation": ["Upgrade the Propovoice plugin to any version newer than 1.7.6.7 to remove the vulnerability.", "If an immediate upgrade is not possible, temporarily disable the Propovoice plugin until the patch is applied.", "Deploy a web application firewall or configure access\u2011control rules to block unauthenticated requests to the plugin\u2019s email API endpoint."], "summary": {"action": "Patch", "impact": "Unauthenticated Arbitrary File Read"}, "threat_synthesis": {"affected_systems": "The vulnerability impacts the fassionstorage Propovoice plugin for WordPress. All releases up to and including version 1.7.6.7 are affected. No information is available about versions beyond 1.7.6.7.", "description_and_impact": "The Propovoice All\u2011in\u2011One Client Management System plugin contains an arbitrary file read flaw in its send_email() function. This flaw arises from improper input validation and is classified as CWE\u201173. An unauthenticated attacker can specify any file path when invoking the email API, allowing read access to arbitrary files on the server and potentially revealing sensitive data, thus compromising confidentiality of the entire WordPress site.", "risk_and_exploitability": "Based on the description, it is inferred that the attack vector is sending unauthenticated HTTP requests to the plugin\u2019s email API endpoint. The CVSS score of 7.5 marks the issue as high severity. The EPSS score of less than 1% indicates a very low probability of exploitation in the wild at present, and the vulnerability is not listed in CISA\u2019s KEV catalog. An attacker can exploit the flaw by sending unauthenticated HTTP requests to the plugin\u2019s email API endpoint, gaining full read access to arbitrary files on the server."}}}}, "created": "2025-09-12T09:11:20.369735+00:00", "updated": "2026-04-22T01:00:04.358626+00:00", "vendors": ["fassionstorage", "fassionstorage$PRODUCT$all-in-one_client_management_system_plugin", "wordpress", "wordpress$PRODUCT$wordpress"]}