{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-25328", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2026-02-02T12:52:29.366Z", "datePublished": "2026-03-25T16:14:40.912Z", "dateUpdated": "2026-04-28T16:14:55.567Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected", "packageName": "products-file-upload-for-woocommerce", "product": "Product File Upload for WooCommerce", "vendor": "add-ons.org", "versions": [{"changes": [{"at": "2.2.5", "status": "unaffected"}], "lessThanOrEqual": "2.2.4", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Denver Jackson | Patchstack Bug Bounty Program"}], "datePublic": "2026-04-22T14:18:24.914Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in add-ons.org Product File Upload for WooCommerce products-file-upload-for-woocommerce allows Path Traversal.<p>This issue affects Product File Upload for WooCommerce: from n/a through <= 2.2.4.</p>"}], "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in add-ons.org Product File Upload for WooCommerce products-file-upload-for-woocommerce allows Path Traversal.This issue affects Product File Upload for WooCommerce: from n/a through <= 2.2.4."}], "impacts": [{"capecId": "CAPEC-126", "descriptions": [{"lang": "en", "value": "Path Traversal"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "description": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-28T16:14:55.567Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Plugin/products-file-upload-for-woocommerce/vulnerability/wordpress-product-file-upload-for-woocommerce-plugin-2-2-4-arbitrary-file-deletion-vulnerability?_s_id=cve"}], "title": "WordPress Product File Upload for WooCommerce plugin <= 2.2.4 - Arbitrary File Deletion vulnerability"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-26T17:26:59.969263Z", "id": "CVE-2026-25328", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-28T01:29:20.390Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-25328", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-26T17:26:59.969263Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T17:26:52.158Z"}}], "cna": {"title": "WordPress Product File Upload for WooCommerce plugin <= 2.2.4 - Arbitrary File Deletion vulnerability", "credits": [{"lang": "en", "type": "finder", "value": "Denver Jackson | Patchstack Bug Bounty Program"}], "impacts": [{"capecId": "CAPEC-126", "descriptions": [{"lang": "en", "value": "Path Traversal"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "add-ons.org", "product": "Product File Upload for WooCommerce", "versions": [{"status": "affected", "changes": [{"at": "2.2.5", "status": "unaffected"}], "version": "0", "versionType": "custom", "lessThanOrEqual": "2.2.4"}], "packageName": "products-file-upload-for-woocommerce", "collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected"}], "datePublic": "2026-04-22T14:18:24.914Z", "references": [{"url": "https://patchstack.com/database/Wordpress/Plugin/products-file-upload-for-woocommerce/vulnerability/wordpress-product-file-upload-for-woocommerce-plugin-2-2-4-arbitrary-file-deletion-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "descriptions": [{"lang": "en", "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in add-ons.org Product File Upload for WooCommerce products-file-upload-for-woocommerce allows Path Traversal.This issue affects Product File Upload for WooCommerce: from n/a through <= 2.2.4.", "supportingMedia": [{"type": "text/html", "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in add-ons.org Product File Upload for WooCommerce products-file-upload-for-woocommerce allows Path Traversal.<p>This issue affects Product File Upload for WooCommerce: from n/a through <= 2.2.4.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-23T14:14:08.731Z"}}}, "cveMetadata": {"cveId": "CVE-2026-25328", "state": "PUBLISHED", "dateUpdated": "2026-04-28T01:29:20.390Z", "dateReserved": "2026-02-02T12:52:29.366Z", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "datePublished": "2026-03-25T16:14:40.912Z", "assignerShortName": "Patchstack"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in add-ons.org Product File Upload for WooCommerce products-file-upload-for-woocommerce allows Path Traversal.This issue affects Product File Upload for WooCommerce: from n/a through <= 2.2.4."}, {"lang": "es", "value": "Limitaci\u00f3n incorrecta de un nombre de ruta a un directorio restringido ('Salto de ruta') vulnerabilidad en add-ons.org Product File Upload for WooCommerce products-file-upload-for-woocommerce permite Salto de ruta. Este problema afecta a Product File Upload for WooCommerce: desde n/a hasta &lt;= 2.2.4."}], "id": "CVE-2026-25328", "lastModified": "2026-04-28T02:16:04.077", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 4.0, "source": "audit@patchstack.com", "type": "Secondary"}]}, "published": "2026-03-25T17:16:44.247", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Plugin/products-file-upload-for-woocommerce/vulnerability/wordpress-product-file-upload-for-woocommerce-plugin-2-2-4-arbitrary-file-deletion-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "audit@patchstack.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,2.2.4]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Product File Upload for WooCommerce", "source": "cna", "vendor": "add-ons.org"}, "product": "product_file_upload_for_woocommerce", "vendor": "add-ons.org"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-03-26T19:38:55.332815+00:00", "value": {"mitigation_remediation": ["Upgrade the File Upload for WooCommerce plugin to version 2.2.5 or later", "If an update is not immediately available, disable the plugin or restrict upload permissions to trusted users only"], "summary": {"action": "Patch Now", "impact": "Arbitrary file deletion via path traversal"}, "threat_synthesis": {"affected_systems": "The issue affects all installations of the File Upload for WooCommerce add\u2011on from the vendor add-ons.org, with affected versions ranging from early releases through 2.2.4. Systems running any of these versions are potentially exposed, regardless of the WordPress core or WooCommerce versions.", "description_and_impact": "Improper limitation of pathname in the File Upload for WooCommerce plugin allows an attacker to perform path traversal and delete arbitrary files on the WordPress server. A file path supplied through the upload interface is not properly sanitized, enabling removal of any file whose path can be constructed, potentially including critical configuration, log, or system files. The vulnerability is a classic Path Traversal weakness (CWE\u201122) that compromises data integrity and may lead to further exploitation if critical files are removed.", "risk_and_exploitability": "The CVSS score of 6.8 indicates a moderate impact if exploitation is achieved. The EPSS score (<1%) suggests a low current likelihood of exploitation in the wild, and the vulnerability is not listed in the CISA KEV catalog. Exploitation would likely require access to the plugin\u2019s upload functionality, which is typically available to users with product upload permissions; attackers would construct a filename containing directory traversal sequences to delete target files. Once access is gained, any file in the web directory tree could be removed, creating a denial of service or facilitating further compromise."}}}}, "created": "2026-03-25T21:34:03.779730+00:00", "updated": "2026-03-27T09:46:02.434434+00:00", "vendors": ["add-ons.org", "add-ons.org$PRODUCT$product_file_upload_for_woocommerce", "wordpress", "wordpress$PRODUCT$wordpress"]}