CVE-2025-1661 Scanner

CVE-2025-1661 Scanner - Local File Inclusion (LFI) vulnerability in HUSKY – Products Filter Professional for WooCommerce

Short Info

Level: Critical
Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 9 days 2 hours
Scan only one: Domain, Subdomain, IPv4
Toolbox: -

HUSKY – Products Filter Professional for WooCommerce is a WordPress plugin that extends the e-commerce capability of WooCommerce stores. It helps store owners and developers create advanced product filtering options, improving the shopping experience by narrowing down product searches efficiently. The plugin is widely used in online retail and e-commerce environments across various industries. By letting customers sort through products with ease, it aims to increase engagement and conversion rates. Its functionality is aimed at shop managers, developers, and site owners who want to improve product discovery on their sites. However, if the plugin is not kept up to date, known vulnerabilities may remain present and compromise store security.

The Local File Inclusion (LFI) vulnerability detected in this plugin lets a malicious actor cause the server to include files through requests sent from a web browser. It can lead to code execution, leakage of sensitive data, and full server compromise. In this specific case, the vulnerability is triggered via the 'template' parameter in the woof_text_search AJAX action, which allows the inclusion and execution of arbitrary files. Hackers could exploit this flaw to run PHP code from included files on the server. With a CVSS score of 9.8, this vulnerability poses a critical risk to vulnerable systems, especially where PHP files can be uploaded and executed. Protective controls and immediate updates are essential to prevent malicious exploitation.

Technically, the vulnerability stems from incorrect handling of the 'template' parameter in the plugin's AJAX action. The parameter allows path traversal, so it can be used to include files that are not meant to be accessed, such as configuration files. Attackers can craft a payload that manipulates this parameter to load malicious scripts or local files on the server, potentially escalating their access privileges. By crafting specific requests, they can misuse the AJAX function to access sensitive configuration files like wp-config.php, leading to severe outcomes. Operators of any WooCommerce store running this plugin should closely monitor path inputs and comprehensively sanitize all untrusted user input to prevent exploitation.

If exploited, the LFI vulnerability could allow attackers to include and execute arbitrary PHP files on the server. This can result in data breaches in which sensitive customer and business information is exposed. Attackers might leverage the flaw to gain unauthorized administrative access, manipulate store operations, or execute commands that should otherwise be protected. Further negative effects include website defacement, loss of data integrity, and financial losses from damaged customer trust and interrupted store functionality. Countermeasures should mitigate these risks by closing the vulnerability and proactively monitoring systems for unusual activity.
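One way to monitor for the path inputs described above is to scan web server access logs for woof_text_search requests whose 'template' value contains traversal or absolute-path patterns. This is an added example, not code from the scanner or the plugin. It assumes combined-format access logs and that the parameters appear in the query string; the function names and log lines are constructed for illustration.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Request line inside a combined-format access log entry: "METHOD target HTTP/x"
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Traversal, absolute paths, Windows drive prefixes, stream wrappers, NUL bytes.
SUSPICIOUS_RE = re.compile(r'(\.\.[\\/]|^[\\/]|^[a-zA-Z]:[\\/]|^\w+://|\x00)')

def fully_decode(value, max_rounds=3):
    """Undo nested percent-encoding (e.g. %252e) so checks see the real path."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_template(log_line):
    """Return the decoded 'template' value if the line looks like abuse, else None."""
    match = REQUEST_RE.search(log_line)
    if not match:
        return None
    url = urlsplit(match.group(1))
    if not url.path.endswith("/admin-ajax.php"):
        return None
    params = parse_qs(url.query, keep_blank_values=True)  # decodes one layer
    if "woof_text_search" not in params.get("action", []):
        return None
    for raw in params.get("template", []):
        value = fully_decode(raw)
        if SUSPICIOUS_RE.search(value):
            return value
    return None

def scan(lines):
    """Return (client_ip, decoded_template) for every flagged log line."""
    return [(ln.split()[0], hit) for ln in lines
            if (hit := suspicious_template(ln)) is not None]

# Constructed sample log lines (not real traffic); 'default' is an assumed benign value.
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Mar/2025:10:00:01 +0000] "GET /wp-admin/admin-ajax.php?action=woof_text_search&template=..%2F..%2F..%2Fexample HTTP/1.1" 200 512',
    '203.0.113.7 - - [01/Mar/2025:10:00:02 +0000] "GET /wp-admin/admin-ajax.php?action=woof_text_search&template=%252e%252e%252fexample HTTP/1.1" 200 512',
    '198.51.100.4 - - [01/Mar/2025:10:00:03 +0000] "GET /wp-admin/admin-ajax.php?action=woof_text_search&template=default HTTP/1.1" 200 2048',
    '198.51.100.4 - - [01/Mar/2025:10:00:04 +0000] "GET /shop/?template=..%2Fx HTTP/1.1" 200 4096',
]

if __name__ == "__main__":
    for ip, value in scan(SAMPLE_LOG):
        print("ALERT", ip, repr(value))
```

Standard access logs do not record POST bodies, so requests that carry the parameter in the body need WAF or application-level logging to be covered by the same check.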
