
CVE-2025-48317: CWE-35 Path Traversal in Stefan Keller WooCommerce Payment Gateway for Saferpay

Severity: High
Published: Fri Sep 05 2025 (09/05/2025, 16:15:41 UTC)
Source: CVE Database V5
Vendor/Project: Stefan Keller
Product: WooCommerce Payment Gateway for Saferpay

Description

Path Traversal vulnerability in Stefan Keller WooCommerce Payment Gateway for Saferpay allows Path Traversal. This issue affects WooCommerce Payment Gateway for Saferpay: from n/a through 0.4.9.

AI-Powered Analysis

Last updated: 09/12/2025, 23:50:58 UTC

Technical Analysis

CVE-2025-48317 is a high-severity path traversal vulnerability (CWE-35) identified in the Stefan Keller WooCommerce Payment Gateway for Saferpay plugin. This plugin integrates the Saferpay payment system into WooCommerce, a widely used e-commerce platform on WordPress. The vulnerability allows an unauthenticated attacker to perform a path traversal attack remotely (AV:N/AC:L/PR:N/UI:N), meaning no privileges or user interaction are required. By exploiting this flaw, an attacker can manipulate file path parameters to access arbitrary files on the web server outside the intended directories. This can lead to unauthorized disclosure of sensitive information such as configuration files, credentials, or other critical data stored on the server. The CVSS 3.1 base score of 7.5 reflects the high confidentiality impact, with no impact on integrity or availability. The vulnerability affects all versions of the plugin up to 0.4.9, with no patch currently available. Although no known exploits are reported in the wild yet, the ease of exploitation and the critical nature of the data potentially exposed make this a significant threat to websites using this payment gateway. Since WooCommerce is a popular e-commerce solution, and payment gateways handle sensitive financial data, this vulnerability poses a serious risk to online stores relying on this plugin for Saferpay integration.

Potential Impact

For European organizations, especially e-commerce businesses using WooCommerce with the Stefan Keller Saferpay payment gateway, this vulnerability could lead to unauthorized disclosure of sensitive customer and payment data. This compromises customer privacy and can result in financial fraud, regulatory non-compliance (e.g., GDPR violations), and reputational damage. The exposure of configuration files or credentials could also facilitate further attacks, including full server compromise or lateral movement within the network. Given the critical role of payment gateways in processing transactions, exploitation could undermine trust in affected merchants and disrupt business operations. Additionally, the lack of authentication and user interaction requirements means attackers can automate exploitation attempts at scale, increasing the risk of widespread data breaches across European e-commerce platforms.

Mitigation Recommendations

Immediate mitigation steps include:

1) Temporarily disabling the Stefan Keller WooCommerce Payment Gateway for Saferpay plugin until a patch is released.
2) Restricting access to sensitive directories and files on the web server via web server configuration (e.g., .htaccess rules or equivalent) to prevent unauthorized file access.
3) Implementing Web Application Firewall (WAF) rules to detect and block path traversal attack patterns targeting the plugin's endpoints.
4) Monitoring web server logs for suspicious requests containing path traversal payloads (e.g., ../ sequences).
5) Applying the principle of least privilege to the web server user to limit file system access.
6) Keeping WooCommerce and all plugins updated and subscribing to vendor security advisories for prompt patch deployment once available.
7) Conducting a security audit of the e-commerce environment to identify and remediate any additional vulnerabilities or misconfigurations that could be exploited in conjunction with this issue.
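To make step 4 concrete, here is an added example (not from the advisory or the plugin) that scans Apache combined-format access-log lines for traversal payloads, decoding percent-encoding repeatedly so single- and double-encoded variants and backslash separators are caught. The log lines are constructed, and the plugin path "example-gateway/download.php" is a placeholder: the advisory does not name the affected endpoint or parameter.

```python
import re
from urllib.parse import unquote

# Constructed sample access-log lines. The request paths are placeholders,
# not the real endpoint of the Saferpay gateway plugin.
SAMPLE_LOG = """\
203.0.113.10 - - [05/Sep/2025:16:20:01 +0000] "GET /wp-content/plugins/example-gateway/download.php?file=invoice.pdf HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.11 - - [05/Sep/2025:16:20:05 +0000] "GET /wp-content/plugins/example-gateway/download.php?file=../../wp-config.php HTTP/1.1" 200 3021 "-" "curl/8.0"
203.0.113.12 - - [05/Sep/2025:16:20:09 +0000] "GET /wp-content/plugins/example-gateway/download.php?file=..%2F..%2Fwp-config.php HTTP/1.1" 403 199 "-" "python-requests/2.31"
203.0.113.13 - - [05/Sep/2025:16:20:12 +0000] "GET /wp-content/plugins/example-gateway/download.php?file=%252e%252e%252f%252e%252e%252fwp-config.php HTTP/1.1" 200 3021 "-" "curl/8.0"
203.0.113.14 - - [05/Sep/2025:16:20:15 +0000] "GET /shop/?add-to-cart=42 HTTP/1.1" 200 8801 "-" "Mozilla/5.0"
"""

# Apache combined format: client IP, timestamp, request line, status code.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# A ".." path segment at the start of a path/value or between separators.
TRAVERSAL_RE = re.compile(r'(?:^|[/=&?])\.\.(?:[/&]|$)')


def normalize(target: str) -> str:
    """Percent-decode up to three times (stopping early once the value is
    stable) so double-encoded payloads collapse, then unify backslashes."""
    prev, cur = None, target
    for _ in range(3):
        if cur == prev:
            break
        prev, cur = cur, unquote(cur)
    return cur.replace("\\", "/")


def find_traversal(log_text: str) -> list[dict]:
    """Return one record per request whose decoded path or query contains a
    '..' segment. A 200 response is flagged as a likely successful read and
    should be triaged first; a 403 indicates a blocked attempt."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        decoded = normalize(m["target"])
        if TRAVERSAL_RE.search(decoded):
            status = int(m["status"])
            hits.append({"ip": m["ip"], "ts": m["ts"], "status": status,
                         "target": decoded, "likely_success": status == 200})
    return hits


if __name__ == "__main__":
    for hit in find_traversal(SAMPLE_LOG):
        print(hit)
```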


Technical Details

Data Version: 5.1
Assigner Short Name: Patchstack
Date Reserved: 2025-05-19T14:13:53.900Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 68bb0d9ee11b59d9ac04ed4c
Added to database: 9/5/2025, 4:19:42 PM
Last enriched: 9/12/2025, 11:50:58 PM
Last updated: 10/17/2025, 11:49:17 PM
