CVE-2025-60192 identifies a vulnerability in the Premmerce Wholesale Pricing for WooCommerce plugin, specifically due to improper control over the filename used in PHP include or require statements. This flaw allows an attacker to perform remote file inclusion (RFI), where malicious PHP code hosted on an external server can be included and executed by the vulnerable application. The vulnerability affects all versions up to and including 1.1.10. The attack vector requires no authentication and no user interaction, making it remotely exploitable over the network. The CVSS 3.1 base score of 7.5 reflects the network attack vector (AV:N), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), unchanged scope (S:U), no confidentiality impact (C:N), high integrity impact (I:H), and no availability impact (A:N). The primary impact is the ability to execute arbitrary code remotely, compromising the integrity of the affected system. This vulnerability arises from insufficient validation or sanitization of user-supplied input that controls the filename in PHP include/require statements, a common vector for RFI attacks. While no public exploits are currently known, the nature of the vulnerability makes it a prime target for attackers aiming to gain control over WooCommerce-based e-commerce sites. The plugin is widely used in WordPress environments that manage wholesale pricing, making it a critical component in the e-commerce supply chain. Attackers exploiting this vulnerability could inject malicious code, manipulate pricing data, steal sensitive customer information, or pivot to other internal systems. The lack of a patch link suggests that a fix may still be pending or not yet publicly released, emphasizing the need for vigilance and interim protective measures.

For European organizations, the impact of CVE-2025-60192 is significant, especially for those operating WooCommerce-based e-commerce platforms that utilize the Premmerce Wholesale Pricing plugin. Successful exploitation can lead to arbitrary code execution on web servers, resulting in data integrity compromise, potential theft of sensitive customer and business data, and disruption of wholesale pricing operations. This can damage business reputation, lead to financial losses, and expose organizations to regulatory penalties under GDPR due to data breaches. The vulnerability's remote exploitability without authentication increases the risk of widespread automated attacks or targeted campaigns. Given the critical role of e-commerce in European economies, especially in countries with high WooCommerce adoption, the threat could affect supply chains and customer trust. Additionally, attackers could use compromised servers as footholds for further lateral movement within corporate networks, amplifying the overall risk.

1. Immediate monitoring for updates from Premmerce and prompt application of any released patches to address the vulnerability. 2. Until patches are available, implement strict input validation and sanitization on all user-supplied parameters controlling file inclusion paths. 3. Deploy Web Application Firewalls (WAFs) with custom rules to detect and block attempts to exploit file inclusion vulnerabilities, including blocking suspicious external URL requests in include/require parameters. 4. Restrict PHP configuration settings such as disabling allow_url_include and allow_url_fopen to prevent remote file inclusion. 5. Conduct thorough code audits of the plugin and any customizations to identify and remediate unsafe file inclusion practices. 6. Employ network segmentation to limit the impact of a compromised web server. 7. Monitor web server logs for unusual requests or errors indicative of exploitation attempts. 8. Educate development and security teams about secure coding practices related to file inclusion and input handling.