CVE-2025-31554: 
WordPress vulnerability analysis and mitigation

CVE-2025-31554 is a Path Traversal vulnerability discovered in the Docxpresso WordPress plugin affecting versions up to and including 2.6. The vulnerability was publicly disclosed on April 3, 2025, and allows authenticated attackers with Contributor-level access or higher to perform arbitrary file downloads through directory traversal (WPScan, NVD).

The vulnerability is classified as CWE-22 (Improper Limitation of a Pathname to a Restricted Directory) with a CVSS v3.1 base score of 5.9 (Medium). The attack vector is network-based (AV:N) with high attack complexity (AC:H), requires no privileges (PR:N), and no user interaction (UI:N). The scope is unchanged (S:U) with high confidentiality impact (C:H) but no impact on integrity (I:N) or availability (A:N) (NVD).

When exploited, this vulnerability allows authenticated attackers to read the contents of arbitrary files on the server, potentially exposing sensitive information. The vulnerability primarily affects the confidentiality of the system, with no direct impact on integrity or availability (WPScan).

Currently, there is no official fix available for this vulnerability. The software is considered abandoned as it hasn't been updated for over a year. Users are advised to either remove and replace the plugin or implement virtual patching solutions. Patchstack has issued a virtual patch to mitigate this issue by blocking potential attacks (Patchstack).