CVE-2025-13681

Summary

The BFG Tools – Extension Zipper plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.0.7. This is due to insufficient input validation on the user-supplied first_file parameter in the zip() function. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents of arbitrary files and directories outside the intended /wp-content/plugins/ directory, which can contain sensitive information such as wp-config.php.

Affected Software

VendorProductVersion RangeStatus
thebaldfatguyBFG Tools – Extension Zipper0 <= 1.0.7affected

Weaknesses

  • CWE-22: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References