来源

关联漏洞

描述

This repository features a Nuclei template specifically designed to detect the Path Traversal vulnerability (CVE-2025-25163) in the Plugin A/B Image Optimizer for WordPress. This vulnerability poses a critical security risk, allowing unauthorized access to sensitive server files.

介绍

# Nuclei Template for CVE-2025-25163

## 🚀 Overview

This repository features a Nuclei template specifically designed to detect the **Path Traversal** vulnerability (CVE-2025-25163) in the **Plugin A/B Image Optimizer** for WordPress. This vulnerability poses a critical security risk, allowing unauthorized access to sensitive server files.

## 🔍 Vulnerability Description

CVE-2025-25163 is a path traversal vulnerability that permits attackers to manipulate file paths, enabling access to files beyond the intended directory structure. Exploitation of this vulnerability can result in the exposure of sensitive data, compromising the confidentiality and integrity of the system.

### 🛑 Affected Versions

- **Plugin A/B Image Optimizer**: Versions **up to and including 3.3**.

### 📊 CVSS Score

- **Base Score**: 7.5 (High)

### 🏷️ CVSS Vector

- `CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N`

## 📋 Template Details

This Nuclei template attempts to exploit the path traversal vulnerability by targeting the `/etc/passwd` file—a standard technique for testing such vulnerabilities.

### 🛠️ Usage Instructions

To utilize this template with Nuclei, ensure that you have [Nuclei](https://nuclei.projectdiscovery.io/) installed. Run the following command in your terminal:

```bash
nuclei -t path/to/template.yaml -u <target_url>
```

## 👤 Author

This template was developed by [rootharpy](https://github.com/rootharpy). For inquiries or contributions, please reach out via GitHub.

文件快照

 [4.0K]  /data/pocs/dd8fa00ccb8c9053340a16b967b2932eb3e2f632
├── [1.0K]  CVE-2025-25163.yaml
└── [1.5K]  README.md

0 directories, 2 files

备注