{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T15:24:56.076","vulnerabilities":[{"cve":{"id":"CVE-2025-0365","sourceIdentifier":"security@wordfence.com","published":"2025-02-01T06:15:31.213","lastModified":"2025-02-24T15:56:57.453","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The Jupiter X Core plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 4.8.7 via the inline SVG feature. This makes it possible for authenticated attackers, with Contributor-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information."},{"lang":"es","value":"El complemento Jupiter X Core para WordPress es vulnerable a Directory Traversal en todas las versiones hasta la 4.8.7 y incluida a través de la función SVG en línea. Esto permite que atacantes autenticados, con acceso de nivel de colaborador y superior, lean el contenido de archivos arbitrarios en el servidor, que pueden contener información confidencial."}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:artbees:jupiter_x_core:*:*:*:*:*:wordpress:*:*","versionEndExcluding":"4.8.8","matchCriteriaId":"E0A7CCAB-3FA9-4EFE-8BD2-5C479D5E3EF3"}]}]}],"references":[{"url":"https://plugins.trac.wordpress.org/changeset/3231122/jupiterx-core/trunk/includes/extensions/raven/includes/modules/inline-svg/widgets/inline-svg.php","source":"security@wordfence.com","tags":["Patch"]},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d3bc5ef7-6825-463f-a3ce-d6ab1fc0e030?source=cve","source":"security@wordfence.com","tags":["Third Party Advisory"]}]}}]}