CVE-2025-60730

7.6 HIGH

📋 TL;DR

PerfreeBlog v4.0.11 contains an arbitrary file deletion vulnerability in the unInstallTheme function that allows attackers to delete files on the server. This affects all installations of PerfreeBlog v4.0.11 that have the vulnerable function accessible. Attackers could potentially delete critical system files or application components.

💻 Affected Systems

Products:
  • PerfreeBlog
Versions: v4.0.11
Operating Systems: All operating systems running PerfreeBlog
Default Config Vulnerable: ⚠️ Yes
Notes: All default installations of PerfreeBlog v4.0.11 are vulnerable. The vulnerability exists in the theme management functionality.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete system compromise through deletion of critical operating system files, leading to service disruption, data loss, or system takeover.

🟠 Likely Case: Deletion of web application files causing service disruption, loss of website functionality, or deletion of user-uploaded content.

🟢 If Mitigated: Limited to deletion of non-critical files within the web application directory if proper file permissions are configured.

🌐 Internet-Facing: HIGH - Web applications are typically internet-facing and this vulnerability could be exploited remotely.
🏢 Internal Only: MEDIUM - Internal attackers with access to the application could exploit this vulnerability.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires access to the theme management functionality. The vulnerability is documented in public repositories with technical details.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://perfree.org.cn/

Restart Required: No

Instructions:

1. Check the vendor website for security updates.
2. If a patch is available, download and apply it.
3. Verify the fix by testing the unInstallTheme function.

🔧 Temporary Workarounds

Disable Theme Management (all platforms)

Remove or restrict access to the theme management functionality containing the vulnerable unInstallTheme function.

# Modify application code to disable theme management
# Remove or comment out theme management endpoints

File Permission Restrictions (linux)

Configure strict file permissions to limit what files the web application user can delete. Note that on Linux a file can be unlinked by any user with write permission on its parent directory, regardless of the file's own mode, so the directories holding critical files must also be non-writable by the web application user.

chmod 644 /path/to/critical/files
chown root:root /path/to/critical/files

🧯 If You Can't Patch

  • Implement strict access controls to limit who can access theme management functions.
  • Deploy web application firewall (WAF) rules to detect and block file deletion attempts.

🔍 How to Verify

Check if Vulnerable:

Check if running PerfreeBlog v4.0.11. Review application code for the unInstallTheme function in theme management modules.

Check Version:

Check PerfreeBlog configuration files or admin panel for version information.

Verify Fix Applied:

Test the unInstallTheme function with controlled inputs to ensure it no longer allows arbitrary file deletion.
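Added here as an illustration of such a controlled-input test, not PerfreeBlog's own code (which this page does not show): a small Python model of a theme uninstall routine that confines deletion to the themes directory, exercised against a constructed directory layout with names that try to leave it. The themes root, the theme names and the helper functions are all assumptions made for the example.

```python
import shutil
import tempfile
from pathlib import Path


class UnsafeThemeName(ValueError):
    """Raised when a theme name would leave the themes directory."""


def resolve_theme_dir(themes_root: Path, theme_name: str) -> Path:
    """Map a user-supplied theme name to a directory strictly under themes_root.

    The name must be a single path component (no separators, no '.'/'..',
    no NUL), the entry must not be a symlink, and the canonical path must
    sit directly under the canonical themes root.
    """
    if not theme_name or theme_name in (".", "..") or any(c in theme_name for c in "/\\\x00"):
        raise UnsafeThemeName(theme_name)
    root = themes_root.resolve(strict=True)
    entry = root / theme_name
    if entry.is_symlink():  # a link could point at another theme or outside the root
        raise UnsafeThemeName(theme_name)
    target = entry.resolve()
    if target.parent != root:
        raise UnsafeThemeName(theme_name)
    return target


def uninstall_theme(themes_root: Path, theme_name: str) -> bool:
    """Delete one theme directory; returns False if no such theme exists."""
    target = resolve_theme_dir(themes_root, theme_name)
    if not target.is_dir():
        return False
    shutil.rmtree(target)
    return True


def run_controlled_inputs() -> dict:
    """Build a constructed layout, try a set of theme names, report what happened."""
    base = Path(tempfile.mkdtemp())
    themes = base / "themes"
    for name in ("default", "custom"):
        (themes / name).mkdir(parents=True)
        (themes / name / "theme.json").write_text("{}")
    (base / "data").mkdir()
    (base / "data" / "config.txt").write_text("keep me")  # must never be deleted
    (themes / "link").symlink_to(themes / "default")      # symlink inside the themes dir
    results = {}
    for name in ("custom", "../data", "/etc/passwd", "..", "link", "missing"):
        try:
            results[name] = "deleted" if uninstall_theme(themes, name) else "absent"
        except UnsafeThemeName:
            results[name] = "rejected"
    results["outside_intact"] = (base / "data" / "config.txt").exists()
    results["default_intact"] = (themes / "default" / "theme.json").exists()
    shutil.rmtree(base)
    return results
```

Only the plain name "custom" results in a deletion; traversal, absolute paths and the symlink are rejected before any filesystem call, and the file outside the themes directory survives.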

📡 Detection & Monitoring

Log Indicators:

  • Unusual file deletion events in web server logs
  • Multiple failed theme management attempts
  • Access to theme management endpoints from unusual IPs

Network Indicators:

  • HTTP POST requests to theme management endpoints with file path parameters
  • Unusual patterns in theme-related API calls

SIEM Query:

source="web_server" AND (uri="/admin/theme" OR uri CONTAINS "uninstall") AND status=200
