CVE-2025-3295 is a security vulnerability classified as CWE-22 (Improper Limitation of a Pathname to a Restricted Directory, commonly known as a path traversal flaw) found in the benjaminprojas WP Editor plugin for WordPress. This vulnerability exists in all versions up to and including 1.2.9.1. The flaw allows an authenticated attacker with Administrator-level access or higher to exploit the plugin's insufficient validation of file path inputs, enabling arbitrary file read operations on the server hosting the WordPress site. By manipulating file path parameters, the attacker can traverse directories outside the intended restricted directory, accessing sensitive files such as configuration files, database backups, or other critical data. The vulnerability does not require user interaction beyond authentication and does not impact the integrity or availability of the system, but it compromises confidentiality. The CVSS v3.1 base score is 4.9, indicating medium severity, with attack vector network (remote), low attack complexity, high privileges required, no user interaction, unchanged scope, high confidentiality impact, and no integrity or availability impact. No patches or fixes are currently linked, and no known exploits have been reported in the wild as of the publication date. This vulnerability poses a risk primarily to WordPress sites using the affected plugin versions, especially those with multiple administrators or high-value data stored on the server.

The primary impact of CVE-2025-3295 is unauthorized disclosure of sensitive information stored on the web server hosting the vulnerable WordPress site. Attackers with administrator privileges can read arbitrary files, potentially exposing database credentials, private keys, configuration files, or other sensitive data that could facilitate further attacks such as privilege escalation, data theft, or site compromise. While the vulnerability does not directly affect system integrity or availability, the confidentiality breach can lead to significant operational and reputational damage. Organizations relying on the WP Editor plugin in environments with multiple administrators or where administrator credentials might be compromised are at higher risk. The medium CVSS score reflects the requirement for high privileges, limiting exploitation to insiders or attackers who have already gained administrative access, but the ease of reading arbitrary files once authenticated makes it a serious concern for data protection and compliance with privacy regulations.

To mitigate CVE-2025-3295, organizations should immediately verify if they are using the benjaminprojas WP Editor plugin version 1.2.9.1 or earlier and plan to upgrade to a patched version once available. In the absence of an official patch, administrators should restrict plugin access strictly to trusted users and consider disabling or removing the plugin if it is not essential. Implementing strict file system permissions on the server to limit the web server user’s access to sensitive files can reduce the impact of arbitrary file reads. Monitoring and auditing administrator activities and access logs can help detect suspicious behavior indicative of exploitation attempts. Additionally, enforcing strong authentication mechanisms, including multi-factor authentication for administrator accounts, can reduce the risk of unauthorized access. Regular backups and incident response plans should be updated to address potential data exposure scenarios. Finally, security teams should stay alert for any emerging exploit code or patches related to this vulnerability.