CVE-2025-1661 Scanner

CVE-2025-1661 Scanner - Local File Inclusion (LFI) vulnerability in HUSKY – Products Filter Professional for WooCommerce

Short Info

Level

Critical

Single Scan

Can be used by

Asset Owner

Estimated Time

10 seconds

Time Interval

9 days 17 hours

Scan only one

Domain, Subdomain, IPv4

Toolbox

-

HUSKY – Products Filter Professional for WooCommerce is a popular WordPress plugin designed to enhance product filtering and searching capabilities for WooCommerce stores. This plugin allows online store owners to provide customers with efficient filtering options based on product attributes, categories, prices, and other criteria. Widely adopted in e-commerce websites, HUSKY enables an enhanced user experience and streamlined navigation of extensive product catalogs. Developed specifically for integration with WooCommerce, this plugin is particularly popular among merchants looking for advanced customization options. Its primary purpose is to simplify the customer journey, improve product discoverability, and increase sales conversion rates. Online retailers across various sectors, including fashion, electronics, and home goods, frequently utilize this tool for improved store performance and customer satisfaction.

The Local File Inclusion (LFI) vulnerability in HUSKY – Products Filter Professional for WooCommerce occurs due to improper validation of the 'template' parameter used within the 'woof_text_search' AJAX action. This flaw allows an unauthenticated attacker to manipulate input and include arbitrary files from the server filesystem, resulting in execution of unintended PHP scripts. Attackers can exploit this vulnerability remotely, bypassing authentication mechanisms, and directly executing malicious payloads. Exploitation is straightforward, as it requires only a crafted HTTP request targeting the affected parameter without needing user credentials or elevated permissions. The vulnerability is highly critical due to the simplicity of exploitation, combined with its potential to compromise sensitive data or the entire server environment. All plugin versions up to and including 1.3.6.5 are vulnerable to this critical security flaw.

The vulnerability resides specifically in the 'template' parameter passed to the AJAX handler 'woof_text_search' located at '/wp-admin/admin-ajax.php'. An attacker can craft specially designed POST requests containing directory traversal sequences like "../../../../../../" within this parameter. By doing this, attackers trick the plugin into processing and executing files outside the intended directory context. The vulnerable endpoint processes this parameter without adequate input validation, allowing attackers to execute arbitrary PHP files located on the server. Successful requests could result in loading sensitive files such as 'wp-config.php', exposing credentials and server configuration data. This behavior significantly increases the risk and impact, especially if attackers have already placed malicious files on the server or exploit publicly accessible configuration files.

Successful exploitation of this vulnerability could result in unauthorized execution of arbitrary PHP code, granting attackers extensive control over the affected WordPress environment. Attackers can leverage this flaw to escalate privileges, access confidential data, compromise databases, or perform unauthorized administrative actions. Sensitive user information, including database credentials, administrative passwords, and payment details, may be disclosed, leading to severe privacy breaches. In extreme cases, attackers might gain full administrative access, enabling persistent threats, defacement, or installation of malware. Ultimately, the compromised system can be used as a launching point for additional attacks within the organization's network infrastructure.

REFERENCES

Get started to protecting your digital assets

Start trial See the plans

CVE-2025-1661 Scanner

Short Info

-

Detail

Solution Advice

Category