CVE-2025-60072
📋 TL;DR
This vulnerability allows attackers to include local PHP files through improper filename control in the Anchor Smooth Scroll WordPress plugin. It affects all WordPress sites running the plugin version 1.0.2 or earlier. Attackers can potentially read sensitive files or execute arbitrary code.
💻 Affected Systems
- WordPress Anchor Smooth Scroll Plugin
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Remote code execution leading to complete system compromise, data theft, and website defacement.
Likely Case
Local file inclusion allowing reading of sensitive configuration files (wp-config.php) and potential information disclosure.
If Mitigated
Limited impact if file permissions are properly configured and web server runs with minimal privileges.
🎯 Exploit Status
Simple HTTP requests can trigger the vulnerability without authentication.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.0.3 or later
Restart Required: No
Instructions:
1. Log into WordPress admin panel. 2. Navigate to Plugins → Installed Plugins. 3. Find 'Anchor Smooth Scroll'. 4. Click 'Update Now' if available. 5. If no update appears, manually download version 1.0.3+ from WordPress.org and replace the plugin files.
🔧 Temporary Workarounds
Disable Plugin
allTemporarily deactivate the vulnerable plugin until patched.
wp plugin deactivate anchor-smooth-scroll
Restrict File Access
linuxAdd .htaccess rules to block direct access to plugin PHP files.
<Files "*.php">
Order Allow,Deny
Deny from all
</Files>
🧯 If You Can't Patch
- Remove the Anchor Smooth Scroll plugin completely from the WordPress installation.
- Implement web application firewall rules to block requests containing local file inclusion patterns.
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin → Plugins → Anchor Smooth Scroll version. If version is 1.0.2 or earlier, you are vulnerable.Check Version:
wp plugin get anchor-smooth-scroll --field=versionVerify Fix Applied:
Verify plugin version shows 1.0.3 or later in WordPress admin panel.📡 Detection & Monitoring
Log Indicators:
- HTTP requests to plugin files with suspicious parameters like 'file=../../wp-config.php'
- Multiple 200 OK responses to small PHP files in short timeframes
Network Indicators:
- Unusual GET/POST requests to /wp-content/plugins/anchor-smooth-scroll/ with file parameters
- Traffic patterns showing directory traversal attempts
SIEM Query:
source="web_logs" AND uri_path="/wp-content/plugins/anchor-smooth-scroll/*" AND (query="*file=*" OR query="*include=*")