CVE-2025-15491 is a path traversal vulnerability classified under CWE-22 found in the Post Slides WordPress plugin through version 1.0.1. The issue arises because the plugin fails to properly validate certain shortcode attributes before using them to construct file paths passed to PHP include functions. This improper limitation allows authenticated users with contributor or higher roles to manipulate the path parameters, enabling Local File Inclusion (LFI) attacks. LFI vulnerabilities permit attackers to include arbitrary files from the server, potentially exposing sensitive information such as configuration files, source code, or user data. The vulnerability requires authentication with at least contributor privileges, which are commonly granted to users who can submit content but not publish it directly. The CVSS v3.1 base score is 5.5 (medium severity), reflecting network exploitability with low attack complexity but requiring privileges and no user interaction. The impact vector includes limited confidentiality and integrity loss without affecting availability. No known exploits have been reported in the wild, and no official patches or updates have been published at the time of disclosure. The vulnerability affects all versions up to 1.0.1 of the Post Slides plugin, which is used to create slide presentations within WordPress sites. The flaw could be leveraged by malicious insiders or compromised contributor accounts to escalate access or extract sensitive files. The vulnerability's scope is limited to sites using this specific plugin and having users with contributor or higher roles.

For European organizations, the primary impact of this vulnerability lies in the potential unauthorized disclosure of sensitive files and partial integrity compromise on WordPress sites using the Post Slides plugin. Attackers with contributor-level access could read configuration files, credentials, or other sensitive data stored on the web server, leading to further compromise or data leakage. Although availability is not impacted, the confidentiality breach could expose personal data protected under GDPR, resulting in regulatory and reputational consequences. Organizations relying on WordPress for public-facing or internal content management that grant contributor roles to multiple users are particularly at risk. The vulnerability could be exploited by malicious insiders or external attackers who have obtained contributor credentials. Since no known exploits exist yet, the immediate risk is moderate, but the potential for escalation and lateral movement within compromised environments is significant. European entities with strict data protection requirements must prioritize mitigation to avoid compliance violations and data breaches.

1. Immediately audit and restrict contributor and higher-level user privileges on WordPress sites using the Post Slides plugin, ensuring only trusted users have such access. 2. Monitor logs for unusual include path usage or attempts to access unexpected files via shortcode attributes. 3. Disable or remove the Post Slides plugin if not essential, or replace it with alternative plugins that do not have this vulnerability. 4. Implement Web Application Firewall (WAF) rules to detect and block suspicious path traversal patterns targeting shortcode parameters. 5. Apply principle of least privilege on file system permissions to limit the files accessible by the web server user. 6. Stay alert for official patches or updates from the plugin developer and apply them promptly once available. 7. Conduct regular security assessments and penetration tests focusing on WordPress plugins and user role configurations. 8. Educate content contributors about the risks of credential compromise and enforce strong authentication mechanisms such as MFA.