{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-25397", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2026-02-02T12:53:12.987Z", "datePublished": "2026-03-25T16:14:47.850Z", "dateUpdated": "2026-04-28T16:14:57.543Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected", "packageName": "file-uploader-for-woocommerce", "product": "File Uploader for WooCommerce", "vendor": "Snowray Software", "versions": [{"lessThanOrEqual": "1.0.4", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "johska | Patchstack Bug Bounty Program"}], "datePublic": "2026-04-22T14:18:21.840Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Path Traversal: '.../...//' vulnerability in Snowray Software File Uploader for WooCommerce file-uploader-for-woocommerce allows Path Traversal.<p>This issue affects File Uploader for WooCommerce: from n/a through <= 1.0.4.</p>"}], "value": "Path Traversal: '.../...//' vulnerability in Snowray Software File Uploader for WooCommerce file-uploader-for-woocommerce allows Path Traversal.This issue affects File Uploader for WooCommerce: from n/a through <= 1.0.4."}], "impacts": [{"capecId": "CAPEC-126", "descriptions": [{"lang": "en", "value": "Path Traversal"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-35", "description": "Path Traversal: '.../...//'", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-28T16:14:57.543Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Plugin/file-uploader-for-woocommerce/vulnerability/wordpress-file-uploader-for-woocommerce-plugin-1-0-4-path-traversal-vulnerability?_s_id=cve"}], "title": "WordPress File Uploader for WooCommerce plugin <= 1.0.4 - Path Traversal vulnerability"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-26T17:00:24.710421Z", "id": "CVE-2026-25397", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-28T01:39:19.687Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-25397", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-26T17:00:24.710421Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T17:00:17.743Z"}}], "cna": {"title": "WordPress File Uploader for WooCommerce plugin <= 1.0.4 - Path Traversal vulnerability", "credits": [{"lang": "en", "type": "finder", "value": "johska | Patchstack Bug Bounty Program"}], "impacts": [{"capecId": "CAPEC-126", "descriptions": [{"lang": "en", "value": "Path Traversal"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Snowray Software", "product": "File Uploader for WooCommerce", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "1.0.4"}], "packageName": "file-uploader-for-woocommerce", "collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected"}], "datePublic": "2026-04-22T14:18:21.840Z", "references": [{"url": "https://patchstack.com/database/Wordpress/Plugin/file-uploader-for-woocommerce/vulnerability/wordpress-file-uploader-for-woocommerce-plugin-1-0-4-path-traversal-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "descriptions": [{"lang": "en", "value": "Path Traversal: '.../...//' vulnerability in Snowray Software File Uploader for WooCommerce file-uploader-for-woocommerce allows Path Traversal.This issue affects File Uploader for WooCommerce: from n/a through <= 1.0.4.", "supportingMedia": [{"type": "text/html", "value": "Path Traversal: '.../...//' vulnerability in Snowray Software File Uploader for WooCommerce file-uploader-for-woocommerce allows Path Traversal.<p>This issue affects File Uploader for WooCommerce: from n/a through <= 1.0.4.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-35", "description": "Path Traversal: '.../...//'"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-23T14:14:09.521Z"}}}, "cveMetadata": {"cveId": "CVE-2026-25397", "state": "PUBLISHED", "dateUpdated": "2026-04-28T01:39:19.687Z", "dateReserved": "2026-02-02T12:53:12.987Z", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "datePublished": "2026-03-25T16:14:47.850Z", "assignerShortName": "Patchstack"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Path Traversal: '.../...//' vulnerability in Snowray Software File Uploader for WooCommerce file-uploader-for-woocommerce allows Path Traversal.This issue affects File Uploader for WooCommerce: from n/a through <= 1.0.4."}, {"lang": "es", "value": "Salto de ruta: la vulnerabilidad '.../...//' en Snowray Software File Uploader for WooCommerce file-uploader-for-woocommerce permite el salto de ruta. Este problema afecta a File Uploader for WooCommerce: desde n/a hasta &lt;= 1.0.4."}], "id": "CVE-2026-25397", "lastModified": "2026-04-28T02:16:06.590", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "audit@patchstack.com", "type": "Secondary"}]}, "published": "2026-03-25T17:16:49.213", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Plugin/file-uploader-for-woocommerce/vulnerability/wordpress-file-uploader-for-woocommerce-plugin-1-0-4-path-traversal-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-35"}], "source": "audit@patchstack.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.0.4]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "File Uploader for WooCommerce", "source": "cna", "vendor": "Snowray Software"}, "product": "file_uploader_for_woocommerce", "vendor": "snowray_software"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-03-26T18:42:29.351043+00:00", "value": {"mitigation_remediation": ["Apply the vendor patch or upgrade the File Uploader for WooCommerce plugin to version 1.0.5 or later"], "summary": {"action": "Patch Immediately", "impact": "Remote or local file access allowing an attacker to read arbitrary files on the server"}, "threat_synthesis": {"affected_systems": "Snowray Software\u2019s File Uploader for WooCommerce plugin is vulnerable in all releases up to and including version 1.0.4. The affected platform is WordPress, and the issue is present wherever the plugin is installed with a version less than or equal to 1.0.4.", "description_and_impact": "The vulnerability is a path traversal flaw (CWE-35) that permits an attacker to influence the file path used by the Snowray Software File Uploader for WooCommerce plugin. By manipulating the request, an adversary can read files outside the intended upload directory. The impact is the unauthorized disclosure of sensitive data stored on the server, potentially exposing configuration files, credentials, or user content, and undermining confidentiality. No direct code execution or privilege escalation is described, but the breadth of read access can be critical in many environments.", "risk_and_exploitability": "The CVSS score of 7.5 indicates a high severity. The EPSS score of less than 1% suggests a relatively low probability of exploitation at this time, and the vulnerability is not listed in the CISA KEV catalog. Likely attack vectors involve an unauthenticated or authenticated user submitting specially crafted requests to the plugin\u2019s upload endpoint, exploiting the directory traversal sequence to access arbitrary files. While no explicit authentication requirement is given in the description, the nature of the flaw implies that any user who can trigger the endpoint may exploit it, making it a high-risk vulnerability for publicly exposed sites using the affected plugin version."}}}}, "created": "2026-03-25T21:44:38.497014+00:00", "updated": "2026-03-27T09:31:49.817508+00:00", "vendors": ["snowray_software", "snowray_software$PRODUCT$file_uploader_for_woocommerce", "wordpress", "wordpress$PRODUCT$wordpress"]}