    2 vulnerabilities by liangshao

    CVE-2025-14867 (GCVE-0-2025-14867)

    Vulnerability from nvd – Published: 2026-01-07 06:36 – Updated: 2026-04-08 17:33
    Title
    Flashcard Plugin for WordPress <= 0.9 - Authenticated (Contributor+) Arbitrary File Read via Path Traversal
    Summary
    The Flashcard plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 0.9 via the 'source' attribute of the 'flashcard' shortcode. This makes it possible for authenticated attackers, with contributor level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.
    SSVC
    Exploitation: none; Automatable: no; Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    Impacted products
    Vendor: liangshao
    Product: Flashcard Plugin for WordPress
    Version: Affected: 0, ≤ 0.9 (semver)
    Credits
    Bhumividh Treloges

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14867",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-07T14:51:14.580283Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-07T16:13:36.082Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Flashcard Plugin for WordPress",
              "vendor": "liangshao",
              "versions": [
                {
                  "lessThanOrEqual": "0.9",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Bhumividh Treloges"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Flashcard plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 0.9 via the \u0027source\u0027 attribute of the \u0027flashcard\u0027 shortcode. This makes it possible for authenticated attackers, with contributor level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T17:33:15.097Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f4fcc6e5-1f90-41e7-8d5a-2bfe8cbf46fa?source=cve"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/flashcard/tags/0.9/flashcard.php?marks=73,109#L73"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-12-17T00:00:00.000Z",
              "value": "Discovered"
            },
            {
              "lang": "en",
              "time": "2026-01-06T18:34:27.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Flashcard Plugin for WordPress \u003c= 0.9 - Authenticated (Contributor+) Arbitrary File Read via Path Traversal"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2025-14867",
        "datePublished": "2026-01-07T06:36:04.362Z",
        "dateReserved": "2025-12-18T02:45:09.366Z",
        "dateUpdated": "2026-04-08T17:33:15.097Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14867 (GCVE-0-2025-14867)

    Vulnerability from cvelistv5 – Published: 2026-01-07 06:36 – Updated: 2026-04-08 17:33