CVE-2025-28955
📋 TL;DR
This path traversal vulnerability in the Easy Video Player WordPress & WooCommerce plugin allows attackers to download arbitrary files from the server by manipulating file paths. It affects all WordPress sites running this plugin up to version 10.0. Attackers can potentially access sensitive system files and configuration data.
💻 Affected Systems
- Easy Video Player WordPress & WooCommerce
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete server compromise via downloading sensitive files like wp-config.php (containing database credentials), /etc/passwd, or other configuration files leading to full site takeover.
Likely Case
Unauthorized access to sensitive WordPress files, database credentials exposure, and potential privilege escalation leading to administrative access.
If Mitigated
Limited to accessing only non-critical files if proper file permissions and web server restrictions are in place.
🎯 Exploit Status
Path traversal vulnerabilities are typically easy to exploit with publicly available tools. The vulnerability allows arbitrary file download without authentication.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Version after 10.0
Restart Required: No
Instructions:
1. Log into WordPress admin panel. 2. Navigate to Plugins → Installed Plugins. 3. Find Easy Video Player WordPress & WooCommerce. 4. Check for available updates. 5. Update to the latest version (above 10.0). 6. Verify the plugin is updated successfully.
🔧 Temporary Workarounds
Disable vulnerable plugin
allTemporarily deactivate the Easy Video Player plugin until patched
Web server path restriction
linuxConfigure web server to restrict access to sensitive directories
# Apache: Add to .htaccess
<FilesMatch "\.(php|inc|conf|config|sql|log|txt)$">
Order Allow,Deny
Deny from all
</FilesMatch>
# Nginx: Add to server block
location ~* \.(php|inc|conf|config|sql|log|txt)$ {
deny all;
}
🧯 If You Can't Patch
- Immediately deactivate and remove the Easy Video Player plugin from all WordPress installations
- Implement web application firewall (WAF) rules to block path traversal patterns like '../' and directory traversal attempts
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin panel → Plugins → Easy Video Player WordPress & WooCommerce version. If version is 10.0 or lower, you are vulnerable.Check Version:
# From WordPress admin panel or check wp-content/plugins/easy-video-player/readme.txt for version infoVerify Fix Applied:
After updating, verify the plugin version is above 10.0 in WordPress admin panel and test that file download functionality properly validates file paths.📡 Detection & Monitoring
Log Indicators:
- HTTP requests containing '../' patterns or attempts to access sensitive files like wp-config.php, /etc/passwd
- Multiple failed file download attempts with unusual file extensions
Network Indicators:
- Unusual file download requests from single IP addresses
- Requests to plugin-specific endpoints with path traversal payloads
SIEM Query:
source="web_server_logs" AND (uri="*../*" OR uri="*wp-config.php*" OR uri="*/etc/passwd*")