CVE-2025-7401
📋 TL;DR
This vulnerability in the Premium Age Verification WordPress plugin allows unauthenticated attackers to read or write arbitrary files on the server through an insufficiently protected remote support feature. All WordPress sites using this plugin up to version 3.0.2 are affected, potentially leading to sensitive data exposure or remote code execution.
💻 Affected Systems
- Premium Age Verification / Restriction for WordPress
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Full server compromise through remote code execution, data theft, website defacement, or malware installation.
Likely Case
Sensitive file reading (configuration files, database credentials) leading to data exposure and potential privilege escalation.
If Mitigated
Limited impact if file permissions restrict write access and web server runs with minimal privileges.
🎯 Exploit Status
The vulnerability is in remote_tunnel.php which provides direct file access without authentication.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 3.0.3 or later
Vendor Advisory: https://codecanyon.net/item/premium-age-verification-restriction-for-wordpress/11300327
Restart Required: No
Instructions:
1. Log into WordPress admin panel. 2. Go to Plugins → Installed Plugins. 3. Find 'Premium Age Verification / Restriction'. 4. Click 'Update Now' if update available. 5. If no update available, deactivate and delete the plugin immediately.
🔧 Temporary Workarounds
Delete vulnerable file
linuxRemove the vulnerable remote_tunnel.php file to prevent exploitation
rm /path/to/wp-content/plugins/premium-age-verification/remote_tunnel.php
Block access to vulnerable endpoint
allUse web server configuration to block access to remote_tunnel.php
# Apache: <LocationMatch "remote_tunnel\.php">
Order deny,allow
Deny from all
</LocationMatch>
# Nginx: location ~* remote_tunnel\.php { deny all; }
🧯 If You Can't Patch
- Immediately deactivate and remove the Premium Age Verification plugin from WordPress
- Implement strict file system permissions and web application firewall rules to block file manipulation attempts
🔍 How to Verify
Check if Vulnerable:
Check if /wp-content/plugins/premium-age-verification/remote_tunnel.php exists and plugin version is ≤3.0.2Check Version:
grep -r "Version:" /path/to/wp-content/plugins/premium-age-verification/*.php | head -1Verify Fix Applied:
Verify remote_tunnel.php is removed or inaccessible and plugin version is ≥3.0.3📡 Detection & Monitoring
Log Indicators:
- HTTP requests to /wp-content/plugins/premium-age-verification/remote_tunnel.php
- Unusual file read/write operations in web server logs
- POST requests with file manipulation parameters
Network Indicators:
- Traffic patterns showing file path traversal attempts
- Requests with file= or similar parameters targeting the plugin
SIEM Query:
source="web_logs" AND (uri="*remote_tunnel.php*" OR uri="*/premium-age-verification/*") AND (method="POST" OR params="*file=*")