CVE-2025-2880 in Yame Plugininfo

Summary

by MITRE • 05/02/2025

The Yame | Link In Bio plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 0.9.0 through the publicly accessible phpinfo.php script. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed file.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Analysis

by VulDB Data Team • 05/02/2025

The vulnerability identified as CVE-2025-2880 affects the Yame | Link In Bio plugin for WordPress, representing a critical security flaw that exposes sensitive system information to unauthenticated attackers. This vulnerability exists in all versions up to and including 0.9.0 of the plugin, making it a widespread concern for WordPress users who have installed this particular plugin. The exposed information includes details that could be exploited by malicious actors to gain deeper insights into the affected system's configuration and environment. The presence of a publicly accessible phpinfo.php script within the plugin's directory structure creates an unintended attack surface that bypasses normal authentication mechanisms and allows anyone with internet access to retrieve potentially sensitive data.

The technical flaw stems from improper access control implementation within the plugin's codebase, where a phpinfo.php file is left accessible without any authentication requirements. This file typically contains detailed information about the PHP configuration, server environment variables, loaded extensions, and other system-level details that could be valuable to attackers. According to CWE-200, this vulnerability falls under "Information Exposure," specifically exposing system information that could aid in further exploitation attempts. The flaw represents a direct violation of secure coding practices, as sensitive information should never be exposed through publicly accessible endpoints without proper authorization mechanisms. The presence of this script suggests inadequate security testing during the plugin's development lifecycle and highlights the importance of proper input validation and access control implementation.

The operational impact of this vulnerability extends beyond simple information disclosure, as the exposed data could enable attackers to craft more sophisticated attacks against the affected WordPress installations. The information revealed through the phpinfo.php script may include database connection details, server paths, PHP version information, and other configuration parameters that could be leveraged in subsequent exploitation phases. This vulnerability aligns with ATT&CK technique T1083 (File and Directory Discovery) and T1528 (Steal Application Access Token) by providing attackers with foundational information needed to escalate their attacks. Organizations running affected versions of this plugin face increased risk of compromise, as the exposed information could be used to identify additional vulnerabilities, plan targeted attacks, or facilitate lateral movement within their network infrastructure. The unauthenticated nature of the vulnerability means that any user with access to the internet can exploit this flaw, making it particularly dangerous in environments where the plugin is widely deployed.

Mitigation strategies for CVE-2025-2880 should prioritize immediate action to address the exposed phpinfo.php script. The most effective approach involves removing or renaming the vulnerable script from the plugin's directory structure, ensuring that no publicly accessible files contain sensitive information. Administrators should also implement proper access controls and directory permissions to prevent unauthorized access to plugin directories. Additionally, regular security audits should be conducted to identify similar vulnerabilities in other plugins and themes. According to NIST guidelines for secure software development, this vulnerability highlights the importance of conducting thorough security reviews and implementing proper access control mechanisms. The WordPress community should also consider updating to newer versions of the plugin if available, or implementing temporary workarounds such as web application firewalls to block access to the vulnerable endpoint. Organizations should monitor their systems for any signs of exploitation attempts and implement comprehensive logging to track access to potentially vulnerable endpoints. Regular updates and patch management procedures should be enforced to prevent similar vulnerabilities from being introduced in the future.

Reservation

03/27/2025

Disclosure

05/02/2025

Moderation

accepted

CPE

ready

EPSS

0.00327

KEV

no

Activities

very low

Sources

Do you want to use VulDB in your project?

Use the official API to access entries easily!