{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-15433", "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "state": "PUBLISHED", "assignerShortName": "WPScan", "dateReserved": "2026-01-01T13:42:06.702Z", "datePublished": "2026-03-26T06:00:07.315Z", "dateUpdated": "2026-03-26T13:35:20.136Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan", "dateUpdated": "2026-03-26T06:00:07.315Z"}, "title": "Shared Files < 1.7.58 - Contributor+ Arbitrary File Download", "problemTypes": [{"descriptions": [{"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "lang": "en", "type": "CWE"}]}], "affected": [{"vendor": "Unknown", "product": "Shared Files", "versions": [{"status": "affected", "versionType": "semver", "version": "0", "lessThan": "1.7.58"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Shared Files WordPress plugin before 1.7.58 allows users with a role as low as Contributor to download any file on the web server (such as wp-config.php) via a path traversal vector"}], "references": [{"url": "https://wpscan.com/vulnerability/893667a1-dc8f-476a-ac00-55752fface90/", "tags": ["exploit", "vdb-entry", "technical-description"]}], "credits": [{"lang": "en", "value": "Muhammad Rohan khan", "type": "finder"}, {"lang": "en", "value": "WPScan", "type": "coordinator"}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "WPScan CVE Generator"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-26T13:35:04.522504Z", "id": "CVE-2025-15433", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T13:35:20.136Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-15433", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-26T13:35:04.522504Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T13:35:16.512Z"}}], "cna": {"title": "Shared Files < 1.7.58 - Contributor+ Arbitrary File Download", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Muhammad Rohan khan"}, {"lang": "en", "type": "coordinator", "value": "WPScan"}], "affected": [{"vendor": "Unknown", "product": "Shared Files", "versions": [{"status": "affected", "version": "0", "lessThan": "1.7.58", "versionType": "semver"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://wpscan.com/vulnerability/893667a1-dc8f-476a-ac00-55752fface90/", "tags": ["exploit", "vdb-entry", "technical-description"]}], "x_generator": {"engine": "WPScan CVE Generator"}, "descriptions": [{"lang": "en", "value": "The Shared Files WordPress plugin before 1.7.58 allows users with a role as low as Contributor to download any file on the web server (such as wp-config.php) via a path traversal vector"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan", "dateUpdated": "2026-03-26T06:00:07.315Z"}}}, "cveMetadata": {"cveId": "CVE-2025-15433", "state": "PUBLISHED", "dateUpdated": "2026-03-26T13:35:20.136Z", "dateReserved": "2026-01-01T13:42:06.702Z", "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "datePublished": "2026-03-26T06:00:07.315Z", "assignerShortName": "WPScan"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Shared Files WordPress plugin before 1.7.58 allows users with a role as low as Contributor to download any file on the web server (such as wp-config.php) via a path traversal vector"}], "id": "CVE-2025-15433", "lastModified": "2026-03-26T15:13:15.790", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 4.0, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-26T07:16:19.133", "references": [{"source": "contact@wpscan.com", "url": "https://wpscan.com/vulnerability/893667a1-dc8f-476a-ac00-55752fface90/"}], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Awaiting Analysis"}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.7.58)"}}], "enrichment": {"confidence": 92.0, "confidence_source": "matching", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 92.0, "source": "matching"}]}, "original": {"product": "Shared Files", "source": "cna", "vendor": "Unknown"}, "product": "shared_files", "vendor": "sharedfilespro"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-03-26T13:26:24.232855+00:00", "value": {"mitigation_remediation": ["Update the Shared Files plugin to version 1.7.58 or later.", "If an upgrade is not possible, deactivate or uninstall the plugin to eliminate the path traversal flaw.", "Limit the Contributor role or remove Contributors from the site if the role is not essential to operations."], "summary": {"action": "Immediate Patch", "impact": "Data Exposure"}, "threat_synthesis": {"affected_systems": "WordPress sites using the Shared Files plugin version 1.7.58 or earlier are impacted. The vendor for the plugin is an unknown author, referenced simply as \"Shared Files\". Any installation that includes users with the Contributor role (or lower, if privileges are granted) is susceptible, regardless of other security controls on the WordPress installation.", "description_and_impact": "The Shared Files WordPress plugin, before version 1.7.58, contains a path traversal flaw that allows users with a Contributor role or higher to craft a URL that downloads any file from the web server. This can expose sensitive configuration files such as wp-config.php, revealing database credentials, encryption keys, and other secrets. The weakness aligns with CWE-22 Path Traversal, CWE-20 Improper Input Validation, and CWE-200 Information Exposure.", "risk_and_exploitability": "The vulnerability does not yet have an assigned CVSS score and the EPSS score is not available, but its presence in sites with Contributors suggests a moderate to high risk of exploitation. Attackers can trigger the download by directly requesting the vulnerable endpoint with a crafted file path; no additional privileges or external dependencies are required beyond the Contributor role. Since KEV does not list this vulnerability, it is likely not widely exploited yet, but the straightforward exploitation path warrants urgent action."}}}}, "created": "2026-03-26T11:30:24.455146+00:00", "updated": "2026-03-26T13:54:59.844682+00:00", "vendors": ["sharedfilespro", "sharedfilespro$PRODUCT$shared_files", "wordpress", "wordpress$PRODUCT$wordpress"]}