{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-9345", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-08-22T14:12:56.987Z", "datePublished": "2025-08-28T03:42:45.718Z", "dateUpdated": "2026-04-08T17:33:17.967Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:33:17.967Z"}, "affected": [{"vendor": "softdiscover", "product": "File Manager, Code Editor, and Backup by Managefy", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.4.8", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The File Manager, Code Editor, and Backup by Managefy plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.4.8 via the ajax_downloadfile() function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform actions on files outside of the originally intended directory."}], "title": "File Manager, Code Editor, and Backup by Managefy <= 1.4.8 - Authenticated (Admin+) Path Traversal to Arbitrary File Download", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f53cf99e-3136-4a1d-bbbd-ff484f1df5c3?source=cve"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3350045%40softdiscover-db-file-manager&new=3350045%40softdiscover-db-file-manager&sfp_email=&sfph_mail="}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "cweId": "CWE-22", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "baseScore": 4.9, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "\u0110\u1ed7 Quang Huy"}], "timeline": [{"time": "2025-08-23T17:25:07.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2025-08-27T14:40:26.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-08-28T13:36:53.402345Z", "id": "CVE-2025-9345", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-28T14:49:05.815Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-9345", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-08-28T13:36:53.402345Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-28T13:36:55.720Z"}}], "cna": {"title": "File Manager, Code Editor, and Backup by Managefy <= 1.4.8 - Authenticated (Admin+) Path Traversal to Arbitrary File Download", "credits": [{"lang": "en", "type": "finder", "value": "\u0110\u1ed7 Quang Huy"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"}}], "affected": [{"vendor": "softdiscover", "product": "File Manager, Code Editor, and Backup by Managefy", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.4.8"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-08-23T17:25:07.000Z", "value": "Vendor Notified"}, {"lang": "en", "time": "2025-08-27T14:40:26.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f53cf99e-3136-4a1d-bbbd-ff484f1df5c3?source=cve"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3350045%40softdiscover-db-file-manager&new=3350045%40softdiscover-db-file-manager&sfp_email=&sfph_mail="}], "descriptions": [{"lang": "en", "value": "The File Manager, Code Editor, and Backup by Managefy plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.4.8 via the ajax_downloadfile() function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform actions on files outside of the originally intended directory."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:33:17.967Z"}}}, "cveMetadata": {"cveId": "CVE-2025-9345", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:33:17.967Z", "dateReserved": "2025-08-22T14:12:56.987Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-08-28T03:42:45.718Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The File Manager, Code Editor, and Backup by Managefy plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.4.8 via the ajax_downloadfile() function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform actions on files outside of the originally intended directory."}, {"lang": "es", "value": "El complemento File Manager, Code Editor, and Backup by Managefy para WordPress es vulnerable a la Path Traversal en todas las versiones hasta la 1.4.8 incluida, mediante la funci\u00f3n ajax_downloadfile(). Esto permite a atacantes autenticados, con acceso de suscriptor o superior, realizar acciones en archivos fuera del directorio original."}], "id": "CVE-2025-9345", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-08-28T04:16:03.687", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3350045%40softdiscover-db-file-manager&new=3350045%40softdiscover-db-file-manager&sfp_email=&sfph_mail="}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f53cf99e-3136-4a1d-bbbd-ff484f1df5c3?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-20T19:47:06.603242+00:00", "value": {"mitigation_remediation": ["Update the File Manager, Code Editor, and Backup by Managefy plugin to the latest version or apply the vendor's security patch if one is available.", "If a patch is not available, disable or uninstall the vulnerable plugin to eliminate the attack surface.", "Restrict WordPress user roles by ensuring that only trusted personnel possess Subscriber-level or higher access, and review all user accounts for unnecessary permissions."], "summary": {"action": "Immediate Patch", "impact": "Unauthorized File Disclosure"}, "threat_synthesis": {"affected_systems": "All WordPress installations running the softdiscover File Manager, Code Editor, and Backup by Managefy plugin version 1.4.8 or earlier are affected; the publisher is Softdiscover.", "description_and_impact": "The File Manager, Code Editor, and Backup by Managefy plugin for WordPress has a path traversal flaw in the ajax_downloadfile() function that lets an authenticated user with Subscriber-level access and above download files outside the intended directory, enabling confidential data disclosure.", "risk_and_exploitability": "The CVSS score is 4.9, reflecting a low\u2011to\u2011moderate threat, and the EPSS score of less than 1% indicates that exploitation is currently unlikely, but the vulnerability is not listed in CISA's KEV catalog. Because the flaw requires legitimate credentials, only users with Subscriber or higher roles can abuse it; an attacker who compromises such a user could download arbitrary files from the host, potentially exposing sensitive system or application data. No public exploit has been reported."}}}}, "created": "2026-04-20T20:00:10.505075+00:00", "updated": "2026-04-20T20:00:10.505091+00:00", "vendors": []}