Description
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Estatik Estatik estatik allows PHP Local File Inclusion. This issue affects Estatik: from n/a through <= 4.3.0.
Published: 2025-02-25
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is an improper limitation of a pathname to a restricted directory, better known as path traversal. An attacker can craft a request that places a traversal sequence (e.g., '../') in a file path parameter handled by the Estatik plugin. The result is local file inclusion: the server may expose sensitive configuration files or, if the included file contains code, execute it, leading to remote code execution. The CVSS score of 7.5 indicates high severity. The likely attack vector is a web interface that accepts file paths as user input, so the flaw is potentially exploitable from the Internet.

Affected Systems

Any installation of the Estatik WordPress plugin at version 4.3.0 or earlier is affected. The lower bound of the version range is not documented ("from n/a"), but all releases up to and including 4.3.0 are vulnerable. Users should check their installed plugin version and upgrade where possible.

Risk and Exploitability

The EPSS score of less than 1% suggests the current exploitation probability is very low, and the flaw is not listed in the CISA KEV catalog, indicating no publicly known exploits yet. However, the high CVSS score and the straightforward nature of path traversal make the risk significant if an attacker can reach the vulnerable endpoint. The flaw is presumably exploitable by unauthenticated users who can send crafted requests to the plugin's file handling logic. Prompt remediation is advised to prevent future exploitation.

Generated by OpenCVE AI on May 1, 2026 at 15:25 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Estatik plugin to a version that resolves the path traversal flaw.
  • If an immediate update is not possible, restrict access to the plugin’s file inclusion endpoint by configuring the web server or firewall to accept requests only from trusted IP addresses.
  • Implement web application firewall rules or input validation that sanitizes file path parameters to eliminate traversal sequences, following best practices for CWE-22 mitigation.
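As an added illustration of the input-validation step (example code written for this page, not part of the Estatik plugin or of the OpenCVE record): a PHP template loader that accepts only a bare file name, canonicalises it with realpath(), and confirms the result still lies inside one fixed directory before it is ever passed to include. The class name, directory layout and sample inputs are assumptions.

```php
<?php
// Added example (not Estatik code): a template loader that only ever
// includes files from one fixed directory, mitigating CWE-22 / LFI.
declare(strict_types=1);

final class TemplateLoader
{
    private string $baseDir;

    public function __construct(string $baseDir)
    {
        $real = realpath($baseDir);
        if ($real === false) {
            throw new RuntimeException("template directory missing: $baseDir");
        }
        $this->baseDir = $real;
    }

    // Returns the absolute path of an allowed template, or null to reject.
    public function resolve(string $name): ?string
    {
        // 1. Syntactic allowlist: a bare name ending in .php. This excludes
        //    separators, dot segments, NUL bytes and stream wrappers (php://).
        if (!preg_match('/\A[A-Za-z0-9_-]+\.php\z/', $name)) {
            return null;
        }
        // 2. Canonicalise and check the result still lies under baseDir.
        //    realpath() follows symlinks, so a link out of the tree fails too.
        $candidate = realpath($this->baseDir . DIRECTORY_SEPARATOR . $name);
        if ($candidate === false) {
            return null; // no such file
        }
        $prefix = $this->baseDir . DIRECTORY_SEPARATOR;
        return strncmp($candidate, $prefix, strlen($prefix)) === 0 ? $candidate : null;
    }
}
// Constructed demo: a throwaway template directory with one legitimate file.
$dir = sys_get_temp_dir() . '/tpl_' . bin2hex(random_bytes(4));
mkdir($dir);
file_put_contents($dir . '/listing.php', "<?php echo 'listing rendered', PHP_EOL;");
$loader = new TemplateLoader($dir);
foreach (['listing.php', '../../config.php', 'php://filter/resource=x', 'missing.php'] as $req) {
    $path = $loader->resolve($req);
    echo str_pad($req, 26), ' => ', $path === null ? 'REJECTED' : 'OK', PHP_EOL;
    if ($path !== null) {
        include $path; // only a validated, in-tree path reaches include
    }
}
```

The same two-step check (syntactic allowlist, then canonical-prefix comparison) applies to any parameter that names a file, whether it feeds include, require, file_get_contents or a download handler.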



Advisories

Source: EUVD
ID: EUVD-2025-5388
Title: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Estatik Estatik allows PHP Local File Inclusion. This issue affects Estatik: from n/a through 4.1.9.

History

Tue, 28 Apr 2026 18:30:00 +0000

Description
  Removed: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Estatik Estatik estatik allows PHP Local File Inclusion.This issue affects Estatik: from n/a through <= 4.3.1.
  Added: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Estatik Estatik estatik allows PHP Local File Inclusion.This issue affects Estatik: from n/a through <= 4.3.0.
Title
  Removed: WordPress Estatik plugin <= 4.3.1 - Local File Inclusion vulnerability
  Added: WordPress Estatik plugin <= 4.3.0 - Local File Inclusion vulnerability

Thu, 23 Apr 2026 15:00:00 +0000

Description
  Removed: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Estatik Estatik estatik allows PHP Local File Inclusion.This issue affects Estatik: from n/a through <= 4.3.0.
  Added: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Estatik Estatik estatik allows PHP Local File Inclusion.This issue affects Estatik: from n/a through <= 4.3.1.
Title
  Removed: WordPress Estatik plugin <= 4.3.0 - Local File Inclusion vulnerability
  Added: WordPress Estatik plugin <= 4.3.1 - Local File Inclusion vulnerability
Metrics (cvssV3_1)
  {'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}

Wed, 01 Apr 2026 23:45:00 +0000

Description
  Removed: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Estatik Estatik allows PHP Local File Inclusion. This issue affects Estatik: from n/a through 4.1.9.
  Added: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Estatik Estatik estatik allows PHP Local File Inclusion.This issue affects Estatik: from n/a through <= 4.3.0.
Title
  Removed: WordPress Estatik plugin <= 4.1.9 - Local File Inclusion vulnerability
  Added: WordPress Estatik plugin <= 4.3.0 - Local File Inclusion vulnerability
References
Metrics (cvssV3_1)
  {'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}

Tue, 25 Feb 2025 19:15:00 +0000

Metrics (ssvc)
  {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 25 Feb 2025 14:30:00 +0000

Description
  Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Estatik Estatik allows PHP Local File Inclusion. This issue affects Estatik: from n/a through 4.1.9.
Title
  WordPress Estatik plugin <= 4.1.9 - Local File Inclusion vulnerability
Weaknesses
  CWE-22
References
Metrics (cvssV3_1)
  {'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}

Subscriptions

No data.

MITRE

Status: PUBLISHED

Assigner: Patchstack

Published:

Updated: 2026-04-28T16:11:43.893Z

Reserved: 2025-02-17T11:50:42.823Z

Link: CVE-2025-26905

Vulnrichment

Updated: 2025-02-25T19:07:37.141Z

NVD

Status: Deferred

Published: 2025-02-25T15:15:26.127

Modified: 2026-04-28T19:29:48.367

Link: CVE-2025-26905

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-01T15:30:20Z

Weaknesses