Description
The BitFire Security – Firewall, WAF, Bot/Spam Blocker, Login Security plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.5 via the bitfire_* directory that automatically gets created and stores potentially sensitive files without any access restrictions. This makes it possible for unauthenticated attackers to extract sensitive data from various files like config.ini, debug.log, and more when directory listing is enabled on the server and the ~/wp-content/plugins/index.php file is missing or ignored.
Published: 2025-08-02
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Sensitive Information Exposure
Action: Patch
AI Analysis

Impact

The BitFire Security WordPress plugin exposes sensitive data in all versions up to 4.5. The plugin creates a bitfire_* directory that stores files such as config.ini and debug.log without access restrictions. This flaw is classified as CWE-200: Exposure of Sensitive Information. Because directory listing can be enabled and the critical index.php file is missing, unauthenticated attackers can read these files and obtain confidential information.

Affected Systems

The vulnerability affects the BitFire Security – Firewall, WAF, Bot/Spam Blocker, Login Security plugin for WordPress by bitslip6. All releases up to version 4.5 are impacted. No single sub‑version information is specified beyond the 4.5 cut‑off.

Risk and Exploitability

The CVSS score of 5.3 indicates a moderate risk, and the EPSS score of less than 1% shows a very low probability of exploitation at this time. The vulnerability corresponds to CWE-200: Exposure of Sensitive Information. Attacks would require the target to have directory listing enabled or a missing index.php file in the plugin directory. Because the attack does not require authentication, any user with web access could exploit it if the conditions exist. The vulnerability is not listed in the CISA KEV catalog.

Generated by OpenCVE AI on April 22, 2026 at 00:57 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the BitFire plugin to a version newer than 4.5 where the directory creation issue is fixed.
  • Remove or restrict access to the bitfire_* directory, for example by adding an .htaccess file denying access or setting appropriate permissions.
  • Disable directory listing on the web server for the WordPress plugins directory to prevent accidental exposure of the files.
  • Ensure that the plugin’s index.php file is present and protected so that the directory is not considered missing or ignored.

Generated by OpenCVE AI on April 22, 2026 at 00:57 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2025-23432 The BitFire Security – Firewall, WAF, Bot/Spam Blocker, Login Security plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.5 via the bitfire_* directory that automatically gets created and stores potentially sensitive files without any access restrictions. This makes it possible for unauthenticated attackers to extract sensitive data from various files like config.ini, debug.log, and more when directory listing is enabled on the server.
History

Mon, 25 Aug 2025 14:15:00 +0000

Type Values Removed Values Added
Description The BitFire Security – Firewall, WAF, Bot/Spam Blocker, Login Security plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.5 via the bitfire_* directory that automatically gets created and stores potentially sensitive files without any access restrictions. This makes it possible for unauthenticated attackers to extract sensitive data from various files like config.ini, debug.log, and more when directory listing is enabled on the server. The BitFire Security – Firewall, WAF, Bot/Spam Blocker, Login Security plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.5 via the bitfire_* directory that automatically gets created and stores potentially sensitive files without any access restrictions. This makes it possible for unauthenticated attackers to extract sensitive data from various files like config.ini, debug.log, and more when directory listing is enabled on the server and the ~/wp-content/plugins/index.php file is missing or ignored.

Tue, 05 Aug 2025 19:30:00 +0000

Type Values Removed Values Added
Description The BitFire Security – Firewall, WAF, Bot/Spam Blocker, Login Security plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.5 via the bitfire_* directory that automatically gets created and stores potentially sensitive files without any access restrictions. This makes it possible for unauthenticated attackers to extract sensitive data from various files like config.ini, debug.log, and more. The BitFire Security – Firewall, WAF, Bot/Spam Blocker, Login Security plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.5 via the bitfire_* directory that automatically gets created and stores potentially sensitive files without any access restrictions. This makes it possible for unauthenticated attackers to extract sensitive data from various files like config.ini, debug.log, and more when directory listing is enabled on the server.

Mon, 04 Aug 2025 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 04 Aug 2025 08:30:00 +0000

Type Values Removed Values Added
First Time appeared Wordpress
Wordpress wordpress
Vendors & Products Wordpress
Wordpress wordpress

Sat, 02 Aug 2025 09:45:00 +0000

Type Values Removed Values Added
Description The BitFire Security – Firewall, WAF, Bot/Spam Blocker, Login Security plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.5 via the bitfire_* directory that automatically gets created and stores potentially sensitive files without any access restrictions. This makes it possible for unauthenticated attackers to extract sensitive data from various files like config.ini, debug.log, and more.
Title BitFire <= 4.5 - Unauthenticated Information Exposure
Weaknesses CWE-200
References
Metrics cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N'}

Subscriptions

Wordpress Wordpress
cve-icon MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-04-08T17:00:42.253Z

Reserved: 2025-06-26T14:19:42.461Z

Link: CVE-2025-6722

cve-icon Vulnrichment

Updated: 2025-08-04T13:37:49.698Z

cve-icon NVD

Status : Deferred

Published: 2025-08-02T10:15:25.310

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-6722

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-22T01:00:04Z

Weaknesses