CVE-2025-32629

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in CMSJunkie - WordPress Business Directory Plugins WP-BusinessDirectory allows Path Traversal. This issue affects WP-BusinessDirectory: from n/a through 3.1.2.

CVSS v3 8.6 HIGH

8.6^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 4.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope CHANGED

References

Link	Resource
https://patchstack.com/database/wordpress/plugin/wp-businessdirectory/vulnerability/wordpress-wp-businessdirectory-plugin-3-1-2-arbitrary-file-deletion-vulnerability?_s_id=cve

Configurations

No configuration.

History

11 Apr 2025, 15:39

Type	Values Removed	Values Added
Summary		(es) Vulnerabilidad de limitación incorrecta de una ruta de acceso a un directorio restringido ('Path Traversal') en CMSJunkie - WordPress Business Directory Plugins WP-BusinessDirectory permite Path Traversal. Este problema afecta a WP-BusinessDirectory: desde n/a hasta 3.1.2.

11 Apr 2025, 09:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-04-11 09:15

Updated : 2025-04-11 15:39

NVD link : CVE-2025-32629

Mitre link : CVE-2025-32629

CVE.ORG link : CVE-2025-32629

JSON object : View

Products Affected

No product.

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

8.6 /10