CVE-2025-47508
📋 TL;DR
This CVE describes a PHP Local File Inclusion vulnerability in the GamiPress WordPress plugin. Attackers can include arbitrary local files through improper filename control in include/require statements, potentially leading to sensitive information disclosure or code execution. All WordPress sites using GamiPress versions up to 7.3.7 are affected.
💻 Affected Systems
- GamiPress WordPress plugin
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Full server compromise through inclusion of malicious PHP files leading to remote code execution, data exfiltration, or complete site takeover.
Likely Case
Sensitive file disclosure (configuration files, database credentials, etc.) and limited code execution within the web server context.
If Mitigated
Limited impact if file permissions are restrictive and web server runs with minimal privileges, though information disclosure remains possible.
🎯 Exploit Status
Simple HTTP requests can trigger the vulnerability. Public exploit details are available in security advisories.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 7.3.8 or later
Vendor Advisory: https://patchstack.com/database/wordpress/plugin/gamipress/vulnerability/wordpress-gamipress-7-3-7-local-file-inclusion-vulnerability?_s_id=cve
Restart Required: No
Instructions:
1. Log into WordPress admin panel. 2. Navigate to Plugins → Installed Plugins. 3. Find GamiPress and click 'Update Now'. 4. Verify version is 7.3.8 or higher.
🔧 Temporary Workarounds
Disable GamiPress Plugin
allTemporarily deactivate the vulnerable plugin until patching is possible
wp plugin deactivate gamipress
Web Application Firewall Rule
allBlock requests containing suspicious file inclusion patterns
🧯 If You Can't Patch
- Implement strict file system permissions to limit accessible directories
- Deploy web application firewall with LFI detection rules
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin panel → Plugins → GamiPress version. If version is 7.3.7 or lower, you are vulnerable.Check Version:
wp plugin get gamipress --field=versionVerify Fix Applied:
Verify GamiPress version is 7.3.8 or higher in WordPress admin panel.📡 Detection & Monitoring
Log Indicators:
- Unusual file path patterns in PHP error logs
- Multiple requests to GamiPress endpoints with file path parameters
Network Indicators:
- HTTP requests containing '../' sequences or absolute file paths to GamiPress endpoints
SIEM Query:
source="web_logs" AND (uri="*gamipress*" AND (uri="*../*" OR uri="*/etc/*" OR uri="*C:\\*"))