{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/google-drive-for-wordpress-2.2/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":7.5,"id":"CVE-2018-25326"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Google Drive for WordPress 2.2"],"_cs_severities":["high"],"_cs_tags":["path traversal","wordpress","CVE-2018-25326","web application vulnerability"],"_cs_type":"advisory","_cs_vendors":["Google"],"content_html":"\u003cp\u003eGoogle Drive for WordPress version 2.2 is susceptible to a path traversal vulnerability (CVE-2018-25326). This flaw allows unauthenticated attackers to read sensitive files on the server. By exploiting this vulnerability, an attacker can craft malicious requests containing directory traversal sequences within the \u003ccode\u003efile_name\u003c/code\u003e parameter, enabling them to bypass security restrictions and access unauthorized files, such as the WordPress configuration file (wp-config.php). This vulnerability poses a significant risk to the confidentiality of sensitive data.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe attacker identifies a WordPress site using Google Drive for WordPress version 2.2.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a POST request targeting the \u003ccode\u003egdrive-ajaxs.php\u003c/code\u003e file.\u003c/li\u003e\n\u003cli\u003eThe attacker sets the \u003ccode\u003eajaxstype\u003c/code\u003e parameter to \u003ccode\u003edel_fl_bkp\u003c/code\u003e in the POST request.\u003c/li\u003e\n\u003cli\u003eThe attacker injects directory traversal sequences (e.g., \u003ccode\u003e../../\u003c/code\u003e) into the \u003ccode\u003efile_name\u003c/code\u003e parameter.\u003c/li\u003e\n\u003cli\u003eThe attacker specifies the target file to read by appending it to the traversal sequence (e.g., \u003ccode\u003e../../wp-config.php\u003c/code\u003e).\u003c/li\u003e\n\u003cli\u003eThe server processes the request without proper sanitization of the \u003ccode\u003efile_name\u003c/code\u003e parameter.\u003c/li\u003e\n\u003cli\u003eThe server reads the specified file (e.g., \u003ccode\u003ewp-config.php\u003c/code\u003e) and includes its content in the response.\u003c/li\u003e\n\u003cli\u003eThe attacker receives the response containing the content of the targeted file, potentially revealing sensitive information.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this vulnerability allows unauthenticated attackers to read arbitrary files on the affected server. This can lead to the disclosure of sensitive information, such as database credentials, API keys, and other configuration details stored in files like \u003ccode\u003ewp-config.php\u003c/code\u003e. The impact can range from data theft to complete compromise of the WordPress site.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApply available patches or upgrade to a secure version of the Google Drive for WordPress plugin to remediate CVE-2018-25326.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u0026ldquo;Detect CVE-2018-25326 Path Traversal Attempt\u0026rdquo; to identify exploitation attempts in web server logs.\u003c/li\u003e\n\u003cli\u003eMonitor POST requests to \u003ccode\u003egdrive-ajaxs.php\u003c/code\u003e for suspicious \u003ccode\u003efile_name\u003c/code\u003e parameters containing directory traversal sequences using a WAF or similar security tool.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-17T13:18:56Z","date_published":"2026-05-17T13:18:56Z","id":"https://feed.craftedsignal.io/briefs/2026-05-cve-2018-25326-google-drive-wordpress-path-traversal/","summary":"Google Drive for WordPress 2.2 is vulnerable to path traversal (CVE-2018-25326), allowing unauthenticated attackers to read arbitrary files by injecting directory traversal sequences in the file_name parameter.","title":"CVE-2018-25326: Google Drive for WordPress Path Traversal Vulnerability","url":"https://feed.craftedsignal.io/briefs/2026-05-cve-2018-25326-google-drive-wordpress-path-traversal/"}],"language":"en","title":"CraftedSignal Threat Feed — Google Drive for WordPress 2.2","version":"https://jsonfeed.org/version/1.1"}