Cyber Posture

CVE-2025-24605

Severity: Medium
Published: 03 February 2025
Modified: 23 April 2026
KEV Added: not listed
CVSS Score: 4.9 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N)
EPSS Score: 0.0009 (25.1st percentile)
Risk Priority: 10 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2025-24605 is a medium-severity Path Traversal (CWE-22) vulnerability in Pluginus Wolf - Wordpress Posts Bulk Editor And Products Manager Professional. Its CVSS base score is 4.9 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Data from Local System (T1005). The CVE ranks at the 25.1st percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Data from Local System (T1005). What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

SI-2 Flaw Remediation (prevent)
Directly mitigates the path traversal vulnerability by requiring timely patching and remediation of the flawed WOLF bulk-editor plugin versions through 1.0.8.5.

SI-10 Information Input Validation (prevent)
Prevents exploitation of the path traversal by validating and sanitizing pathname inputs to ensure they remain within restricted directories.

Logical access control (prevent)
Enforces logical access controls to block unauthorized reading of sensitive files even if path traversal inputs are submitted.

MITRE ATT&CK Enterprise Techniques

T1005 Data from Local System (tactic: Collection)
Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.
Why these techniques?

The path traversal vulnerability directly enables reading sensitive files on the local system by bypassing directory restrictions, mapping to T1005: Data from Local System.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

NVD Description

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in RealMag777 WOLF bulk-editor allows Path Traversal. This issue affects WOLF: from n/a through <= 1.0.8.5.

Deeper analysis

CVE-2025-24605 is an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability, classified as CWE-22, in the RealMag777 WOLF bulk-editor WordPress plugin. This issue affects WOLF versions from n/a through 1.0.8.5, enabling attackers to traverse path restrictions and access files outside intended directories.

The vulnerability carries a CVSS v3.1 base score of 4.9 (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N), indicating network accessibility with low attack complexity but requiring high privileges, such as administrative access. An authenticated attacker with sufficient permissions can exploit it to achieve high-impact confidentiality violations, such as reading sensitive files, without affecting integrity or availability.

The Patchstack advisory at https://patchstack.com/database/Wordpress/Plugin/bulk-editor/vulnerability/wordpress-wolf-plugin-1-0-8-5-path-traversal-vulnerability?_s_id=cve documents the path traversal issue in WOLF plugin version 1.0.8.5 and provides details relevant to mitigation for affected WordPress installations.

Details

CWE(s)
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected Products
Vendor: pluginus
Product: wolf - wordpress posts bulk editor and products manager professional
Versions: ≤ 1.0.8.6

CVEs Like This One

CVE-2024-9939 (same product class: CMS core)
CVE-2025-24406 (same product class: CMS core)
CVE-2025-1661 (same vendor: Pluginus)
CVE-2025-54794 (shared CWE-22)
CVE-2025-20051 (shared CWE-22)
CVE-2026-41205 (shared CWE-22)
CVE-2026-41419 (shared CWE-22)
CVE-2025-13801 (shared CWE-22)
CVE-2025-68921 (shared CWE-22)
CVE-2026-39369 (shared CWE-22)
