Description
Google Drive for WordPress 2.2 contains a path traversal vulnerability that allows unauthenticated attackers to read arbitrary files by injecting directory traversal sequences in the file_name parameter. Attackers can send POST requests to gdrive-ajaxs.php with the ajaxstype parameter set to del_fl_bkp and file_name containing traversal sequences such as ../../wp-config.php to access sensitive configuration files.
Published: 2026-05-17
Score: 8.7 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Google Drive for WordPress version 2.2 contains a path-traversal flaw that allows an unauthenticated attacker to read any file on the server by supplying directory traversal sequences in the file_name parameter. By sending a POST request to gdrive-ajaxs.php with ajaxstype set to del_fl_bkp and a file_name such as ../../wp-config.php, the attacker can obtain sensitive configuration information, potentially exposing database credentials and other confidential data. This flaw is classified as CWE-22, a directory traversal weakness that compromises confidentiality.

Affected Systems

The vulnerability affects only the Google Drive for WordPress plugin, specifically version 2.2, which is installed on WordPress sites that use this plugin to integrate Google Drive storage. No other WordPress core components are implicated.

Risk and Exploitability

The CVSS score of 8.7 indicates high severity, reflecting a significant risk to confidentiality when exploited. No EPSS score is provided, so the likelihood of exploitation is unknown, but path-traversal bugs are commonly targeted because they are simple to exploit. The vulnerability is not listed in the CISA KEV catalog, suggesting no confirmed widespread exploitation yet, but the absence of a recorded exploit does not diminish the risk for affected sites.

Generated by OpenCVE AI on May 17, 2026 at 13:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Google Drive for WordPress plugin to the latest version that addresses the path traversal vulnerability, or contact the vendor for an update if one is not yet released.
  • If updating is not possible, disable or remove the Google Drive for WordPress plugin from the installation to eliminate the vulnerable endpoint.
  • Implement a web application firewall rule or server-side filter that rejects POST requests to gdrive-ajaxs.php containing directory traversal patterns such as '..' or '../' in the file_name parameter.
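As an added illustration of the third action above (example code, not part of the OpenCVE record or of the plugin), the Python below shows a filter that decodes the file_name parameter and rejects traversal patterns, beside the stronger server-side check a plugin author would apply: resolve the requested name inside the backup directory and require it to stay there. The endpoint and parameter names come from the description; the POST bodies and the backup directory path are constructed assumptions.

```python
import os
from urllib.parse import parse_qs, unquote

# Constructed sample POST bodies for the del_fl_bkp action of gdrive-ajaxs.php,
# as a WAF or server-side filter would see them (not captured traffic).
SAMPLE_BODIES = [
    "ajaxstype=del_fl_bkp&file_name=site-backup-2026-05-17.zip",
    "ajaxstype=del_fl_bkp&file_name=../../wp-config.php",
    # Percent-encoded form of the same traversal: a rule that only looks for a
    # literal '..' in the raw body misses this.
    "ajaxstype=del_fl_bkp&file_name=%2e%2e%2f%2e%2e%2fwp-config.php",
    # Double-encoded: becomes '../' only after a second decoding pass.
    "ajaxstype=del_fl_bkp&file_name=%252e%252e%252fwp-config.php",
]

# Assumed location of the plugin's backup files; not taken from the advisory.
BACKUP_DIR = "/var/www/html/wp-content/uploads/gdrive-backups"


def traversal_in_request(body: str) -> bool:
    """WAF-style rule from the recommended action: flag any request whose
    file_name contains '..' or a path separator after full decoding.
    Caveat: a legitimate name such as 'backup..zip' is also rejected; the
    containment check below does not have that problem."""
    params = parse_qs(body, keep_blank_values=True)  # decodes once
    name = params.get("file_name", [""])[0]
    prev = None
    while name != prev:  # keep decoding until stable to catch multi-encoding
        prev, name = name, unquote(name)
    return ".." in name or "/" in name or "\\" in name


def resolve_backup_path(file_name: str, backup_dir: str):
    """Server-side fix: canonicalise backup_dir/file_name and require the
    result to remain a file inside backup_dir. Returns the absolute path of
    the backup to operate on, or None if the request escapes the directory."""
    root = os.path.realpath(backup_dir)
    target = os.path.realpath(os.path.join(root, file_name))
    if target == root or os.path.commonpath([root, target]) != root:
        return None
    return target


if __name__ == "__main__":
    for body in SAMPLE_BODIES:
        print("BLOCK " if traversal_in_request(body) else "ALLOW ", body)
```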


Advisories

No advisories yet.

History

Sun, 17 May 2026 14:15:00 +0000

Type | Values Removed | Values Added
First Time appeared | (none) | Wordpress; Wordpress wordpress
Vendors & Products | (none) | Wordpress; Wordpress wordpress

Sun, 17 May 2026 12:30:00 +0000

Type | Values Removed | Values Added
Description | (none) | Google Drive for WordPress 2.2 contains a path traversal vulnerability that allows unauthenticated attackers to read arbitrary files by injecting directory traversal sequences in the file_name parameter. Attackers can send POST requests to gdrive-ajaxs.php with the ajaxstype parameter set to del_fl_bkp and file_name containing traversal sequences ../../wp-config.php to access sensitive configuration files.
Title | (none) | Google Drive for WordPress 2.2 Path Traversal RCE via gdrive-ajaxs.php
First Time appeared | (none) | Google; Google google Drive
Weaknesses | (none) | CWE-22
CPEs | (none) | cpe:2.3:a:google:google_drive:2.2:*:*:*:*:*:*:*
Vendors & Products | (none) | Google; Google google Drive
References | (none) | (none)
Metrics | (none) | cvssV3_1 {'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}; cvssV4_0 {'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-05-17T12:11:32.252Z

Reserved: 2026-05-17T11:40:28.812Z

Link: CVE-2018-25326

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-05-17T13:16:44.050

Modified: 2026-05-17T13:16:44.050

Link: CVE-2018-25326

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-17T14:00:03Z

Weaknesses