CVE-2025-32585
📋 TL;DR
This CVE describes a path traversal vulnerability in the Trusty Plugins Shop Products Filter WordPress plugin that allows attackers to perform local file inclusion (LFI) by manipulating file paths. The vulnerability affects WordPress sites using this plugin, potentially allowing attackers to read sensitive files on the server. All versions up to 1.2 are vulnerable.
💻 Affected Systems
- Trusty Plugins Shop Products Filter WordPress Plugin
⚠️ Manual Verification Required
This CVE record carries no structured version range in our database, so automatic vulnerability detection cannot determine whether your system is affected.
Why? The CVE database entry does not specify which versions are vulnerable (no version range was provided by the vendor/NVD). The figures given elsewhere on this page (vulnerable through 1.2, fixed in 1.3) should therefore be confirmed manually against your installed version.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Attackers could read sensitive server files like /etc/passwd, wp-config.php, or other configuration files, potentially leading to full system compromise if combined with other vulnerabilities.
Likely Case
Attackers will read WordPress configuration files to extract database credentials, then use those credentials to access or modify the database, potentially taking over the WordPress site.
If Mitigated
File permissions alone help less than one might hope: PHP has to read wp-config.php itself, so anything the PHP worker can read, a traversal can read. What does limit the damage is confining the PHP worker (open_basedir, a dedicated low-privilege user that cannot read system files) so that only files under the web root are reachable, and a WAF that turns traversal attempts into error responses.
🎯 Exploit Status
The vulnerability is publicly documented with technical details available. Path traversal to LFI is a well-known attack pattern with many existing tools.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.3 or later
Restart Required: No
Instructions:
1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find the 'Shop Products Filter' plugin.
4. Click 'Update Now' if an update is available.
5. If no update is available, deactivate and delete the plugin immediately.
🔧 Temporary Workarounds
Disable vulnerable plugin
(all platforms) Deactivate the Shop Products Filter plugin to prevent exploitation
wp plugin deactivate shop-products-filter
Restrict file access via .htaccess
(linux, Apache with mod_rewrite) Add rules that reject traversal sequences. %{REQUEST_URI} covers only the path, not the query string, so a traversal passed in a plugin parameter would slip past a path-only rule; the query string needs its own condition, and because mod_rewrite matches %{QUERY_STRING} raw, the percent-encoded forms must be listed as well. This is a coarse block and will also reject any legitimate query value that happens to contain '..'.
RewriteEngine On
RewriteCond %{REQUEST_URI} (\.\.|%2e%2e) [NC,OR]
RewriteCond %{QUERY_STRING} (\.\.|%2e%2e|%252e%252e) [NC]
RewriteRule .* - [F,L]
🧯 If You Can't Patch
- Remove the Shop Products Filter plugin completely from your WordPress installation
- Implement web application firewall (WAF) rules to block path traversal patterns
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin panel > Plugins > Installed Plugins for 'Shop Products Filter' version 1.2 or earlier
Check Version:
wp plugin get shop-products-filter --field=version
Verify Fix Applied:
Verify plugin version is 1.3 or later, or confirm plugin is not installed
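The wp-cli command above needs a working WordPress install to talk to. When you have to answer the same question for many sites from disk (backups, a fleet of document roots), the check can be done offline by reading the plugin header the way WordPress does. The script below is an added example, not code from the page or the plugin vendor; it assumes the plugin lives in a directory named shop-products-filter under wp-content/plugins (the slug used elsewhere on this page) and takes the fixed version 1.3 from the page. The fixture builder at the end writes an invented plugin file so the script can be exercised without a real site.

```python
import os
import re
import tempfile

# Version in which the page says the issue is fixed.
FIXED_VERSION = (1, 3)
# Plugin directory slug as used elsewhere on this page (assumed, not confirmed against the vendor package).
PLUGIN_SLUG = "shop-products-filter"

# Matches "Plugin Name: ..." and "Version: ..." header lines, with or without a leading " * ".
HEADER_RE = re.compile(r"^\s*\*?\s*(Plugin Name|Version)\s*:\s*(.+?)\s*$", re.MULTILINE)


def parse_version(text):
    """'1.2.1' -> (1, 2, 1); a trailing tag such as '-beta' is ignored. Unparseable -> (0,)."""
    m = re.match(r"\s*(\d+(?:\.\d+)*)", text)
    return tuple(int(p) for p in m.group(1).split(".")) if m else (0,)


def plugin_header(plugin_dir):
    """Locate the plugin's main file the way WordPress does: the first .php file in the
    plugin directory whose header block declares 'Plugin Name:'. Only the first 8 KiB
    of each file are read, which is also all WordPress itself inspects."""
    if not os.path.isdir(plugin_dir):
        return None
    for name in sorted(os.listdir(plugin_dir)):
        if not name.endswith(".php"):
            continue
        with open(os.path.join(plugin_dir, name), encoding="utf-8", errors="replace") as fh:
            head = fh.read(8192)
        fields = dict(HEADER_RE.findall(head))
        if "Plugin Name" in fields:
            fields["file"] = name
            return fields
    return None


def check_site(wp_root, slug=PLUGIN_SLUG):
    """Return 'not installed', 'vulnerable' (< 1.3) or 'patched' (>= 1.3) for one WordPress root."""
    hdr = plugin_header(os.path.join(wp_root, "wp-content", "plugins", slug))
    if hdr is None:
        return "not installed"
    return "vulnerable" if parse_version(hdr.get("Version", "0")) < FIXED_VERSION else "patched"


def make_fixture(version):
    """Build a throwaway WordPress root with a minimal plugin file carrying the given header
    version. Constructed test data only; the file name and header text are invented."""
    root = tempfile.mkdtemp(prefix="wp-")
    plugin_dir = os.path.join(root, "wp-content", "plugins", PLUGIN_SLUG)
    os.makedirs(plugin_dir)
    with open(os.path.join(plugin_dir, "shop-products-filter.php"), "w", encoding="utf-8") as fh:
        fh.write("<?php\n/**\n * Plugin Name: Shop Products Filter\n * Version: %s\n */\n" % version)
    return root


if __name__ == "__main__":
    import sys
    # Usage: python check_spf.py /var/www/site1 /var/www/site2 ...
    for root in sys.argv[1:] or [make_fixture("1.2")]:
        print(root, check_site(root))
```

Versions are compared as integer tuples rather than strings so that 1.10 is correctly treated as newer than 1.3; a missing directory is reported as "not installed" rather than as patched, so a site where the plugin was deleted and one where it was updated are both acceptable end states.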
📡 Detection & Monitoring
Log Indicators:
- HTTP requests whose path or query string contains '../' or one of its encoded forms ('..%2f', '%2e%2e%2f', '%252e%252e%252f', '..%5c')
- Requests to unexpected PHP files in plugin directories
- Attempts to read files outside the web root such as /etc/passwd or wp-config.php, both failed (4xx) and, more importantly, successful (2xx) ones
Network Indicators:
- Unusual file path patterns in HTTP requests to WordPress site
- Requests to plugin files with unexpected parameters
SIEM Query (Splunk-style; confirm that your uri field includes the query string, since that is where a plugin parameter would carry the traversal, and expect some noise from legitimate '...' text):
source="web_server_logs" AND uri="*shop-products-filter*" AND (uri="*../*" OR uri="*..%2f*" OR uri="*%2e%2e*")
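A wildcard SIEM search misses encoded and double-encoded variants unless every form is listed by hand. The script below is an added example, not code from the page or the plugin vendor: it parses combined-format access-log lines, percent-decodes the request target until it stops changing, normalises backslashes, and flags any '..' segment in the path or query, restricted to the plugin directory used on this page. The sample log is constructed; the script name index.php and the parameter name file in it are placeholders, not the plugin's actual entry point.

```python
import re
from urllib.parse import unquote

# Plugin directory as used elsewhere on this page (assumed slug).
PLUGIN_DIR = "/wp-content/plugins/shop-products-filter/"

# Combined-log-format request line: client, timestamp, method, target, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# A ".." that forms a whole path segment or starts a parameter value, in either slash style.
DOTDOT_RE = re.compile(r"(?:^|[/\\=&])\.\.(?:[/\\&]|$)")

# Constructed sample traffic (not real log data). index.php and the file parameter are
# illustrative assumptions, not the plugin's real script or parameter name.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Apr/2025:12:00:01 +0000] "GET /wp-content/plugins/shop-products-filter/index.php?file=../../../../wp-config.php HTTP/1.1" 200 1203 "-" "curl/8.0"
203.0.113.7 - - [10/Apr/2025:12:00:02 +0000] "GET /wp-content/plugins/shop-products-filter/index.php?file=..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1" 200 998 "-" "curl/8.0"
203.0.113.7 - - [10/Apr/2025:12:00:03 +0000] "GET /wp-content/plugins/shop-products-filter/index.php?file=%252e%252e%252fwp-config.php HTTP/1.1" 403 199 "-" "curl/8.0"
198.51.100.4 - - [10/Apr/2025:12:00:04 +0000] "GET /shop/?filter_color=red&q=what.. HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.4 - - [10/Apr/2025:12:00:05 +0000] "GET /wp-content/plugins/shop-products-filter/assets/style.css HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
"""


def fully_decode(s, rounds=3):
    """Percent-decode until stable so that %2e%2e and %252e%252e both collapse to '..'."""
    for _ in range(rounds):
        decoded = unquote(s)
        if decoded == s:
            break
        s = decoded
    return s


def is_traversal(target):
    """True if the path or the query string of a request target carries a '..' segment
    once percent-encoding (including double encoding) and backslashes are normalised."""
    path, _, query = target.partition("?")
    for part in (path, query):
        normalised = fully_decode(part).replace("\\", "/")
        if DOTDOT_RE.search(normalised):
            return True
    return False


def find_traversal_attempts(log_text, restrict_to_plugin=True):
    """Scan access-log text and return one record per traversal attempt. A 2xx status on a
    flagged request is the strong signal: the server returned content for a '..' request."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        target = m.group("target")
        if restrict_to_plugin and PLUGIN_DIR not in fully_decode(target).lower():
            continue
        if is_traversal(target):
            hits.append({
                "ip": m.group("ip"),
                "ts": m.group("ts"),
                "target": target,
                "status": int(m.group("status")),
                "served": m.group("status").startswith("2"),
            })
    return hits


if __name__ == "__main__":
    for hit in find_traversal_attempts(SAMPLE_LOG):
        label = "SERVED " if hit["served"] else "blocked"
        print(label, hit["ip"], hit["ts"], hit["target"])
```

Decoding is capped at three rounds so that a pathological input cannot keep the loop busy, and the '..' test requires a segment boundary on both sides, so a search term such as 'what..' is not flagged while '..%5c..%5c' (backslash form) is. Run it with restrict_to_plugin=False to hunt for the same pattern against every other plugin on the site.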