Description
The Code Explorer plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.4.6 via the 'file' parameter. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.
Published: 2026-02-04
Score: 4.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Arbitrary File Read by authenticated administrators
Action: Patch
AI Analysis

Impact

The Code Explorer WordPress plugin contains a path‑traversal flaw in the 'file' parameter that allows any authenticated user with Administrator or higher privileges to read the contents of arbitrary files on the server. This can expose sensitive data stored on the website files or system directories. The weakness is a classic path‑traversal error (CWE‑22) and is confined to authorized internal users, not to unauthenticated visitors.

Affected Systems

qriouslad Code Explorer versions 1.0 to 1.4.6, deployed on WordPress sites.

Risk and Exploitability

The CVSS score of 4.9 classifies this vulnerability as moderate in severity, and the EPSS score of less than 1 % indicates that exploitation attempts are expected to be very rare. Since the flaw requires authentication as an administrator, it is unlikely to be exploited by attackers who have not already compromised accounts. The vulnerability is not listed in the CISA KEV catalog, suggesting it has not yet been widely exploited.

Generated by OpenCVE AI on April 20, 2026 at 20:57 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Code Explorer plugin to the latest version where the path‑traversal issue has been fixed. If no newer version is available, remove the plugin until a fix is released.
  • Ensure that only trusted administrators have access to the WordPress backend; consider using role‑based access restrictions or stronger authentication methods.
  • Review and tighten file system permissions on the server so that the web server process cannot read sensitive files outside the webroot.

Generated by OpenCVE AI on April 20, 2026 at 20:57 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 04 Feb 2026 21:30:00 +0000

Type Values Removed Values Added
First Time appeared Wordpress
Wordpress wordpress
Vendors & Products Wordpress
Wordpress wordpress

Wed, 04 Feb 2026 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 04 Feb 2026 08:45:00 +0000

Type Values Removed Values Added
Description The Code Explorer plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.4.6 via the 'file' parameter. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.
Title Code Explorer <= 1.4.6 - Authenticated (Administrator+) Arbitrary File Read via 'file' Parameter
Weaknesses CWE-22
References
Metrics cvssV3_1

{'score': 4.9, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N'}

Subscriptions

Wordpress Wordpress
cve-icon MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-04-08T17:34:27.130Z

Reserved: 2026-01-08T12:26:13.470Z

Link: CVE-2025-15487

cve-icon Vulnrichment

Updated: 2026-02-04T15:17:22.594Z

cve-icon NVD

Status : Deferred

Published: 2026-02-04T09:15:51.207

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-15487

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-20T21:00:12Z

Weaknesses