一、 漏洞 CVE-2025-0822 基础信息
漏洞标题
Bit Assist <= 1.5.2 路径遍历漏洞允许通过fileID参数进行 authenticated (Subscriber+) 任意文件读取
来源:AIGC 神龙大模型
漏洞描述信息
适用于WordPress的Bit Assist插件在所有版本中(包括1.5.2版本)存在路径遍历漏洞,该漏洞通过fileID参数触发。这使得具有订阅者级别及以上访问权限的认证攻击者能够读取服务器上任意文件的内容,这些文件可能包含敏感信息。
来源:AIGC 神龙大模型
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
来源:AIGC 神龙大模型
漏洞类别
对路径名的限制不恰当(路径遍历)
来源:AIGC 神龙大模型
漏洞标题
Bit Assist <= 1.5.2 - Path Traversal to Authenticated (Subscriber+) Arbitrary File Read via fileID Parameter
来源:美国国家漏洞数据库 NVD
漏洞描述信息
Bit Assist plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.5.2 via the fileID Parameter. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.
来源:美国国家漏洞数据库 NVD
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
来源:美国国家漏洞数据库 NVD
漏洞类别
相对路径遍历
来源:美国国家漏洞数据库 NVD
二、漏洞 CVE-2025-0822 的公开POC
# POC 描述 源链接 神龙链接
三、漏洞 CVE-2025-0822 的情报信息

  • 标题: Bit Assist <= 1.5.2 - Path Traversal to Authenticated (Subscriber+) Arbitrary File Read via fileID Parameter -- 🔗来源链接

    标签:

    Bit Assist <= 1.5.2 - Path Traversal to Authenticated (Subscriber+) Arbitrary File Read via fileID Parameter

  • 标题: DownloadController.php in bit-assist/tags/1.5.2/backend/app/HTTP/Controllers – WordPress Plugin Repository -- 🔗来源链接

    标签:

    DownloadController.php in bit-assist/tags/1.5.2/backend/app/HTTP/Controllers – WordPress Plugin Repository

  • 标题: Chat Widget: Customer Support Button with SMS Call Button, Click to Chat Messenger, Live Chat Support Chat Button – Bit Assist – WordPress plugin | WordPress.org -- 🔗来源链接

    标签:

    Chat Widget: Customer Support Button with SMS Call Button, Click to Chat Messenger, Live Chat Support Chat Button – Bit Assist – WordPress plugin | WordPress.org

  • 标题: Changeset 3239816 – WordPress Plugin Repository -- 🔗来源链接

    标签:

    Changeset 3239816 – WordPress Plugin Repository
  • https://nvd.nist.gov/vuln/detail/CVE-2025-0822