A high-severity vulnerability has been identified in the Propovoice WordPress plugin, which could allow an unauthenticated attacker to read sensitive files from the web server. Successful exploitation could lead to the exposure of confidential data, such as database credentials and system configuration files, potentially resulting in a full system compromise. Organizations using this plugin are urged to apply the recommended updates immediately to mitigate the risk of a data breach.

The Propovoice plugin is vulnerable to an Arbitrary File Read flaw. This type of vulnerability typically occurs when the application uses user-supplied input to construct a file path without proper validation or sanitization. An attacker can exploit this by manipulating the input to include directory traversal sequences (e.g., ../../..) to navigate the file system and access files outside of the intended directory, such as wp-config.php or /etc/passwd, which contain sensitive server and database credentials.

This vulnerability presents a significant risk to the organization, classified as High severity with a CVSS score of 7.5. The ability for an attacker to read arbitrary files can lead directly to the theft of sensitive information, including database credentials, API keys, and other secrets stored on the server. This could result in a complete compromise of the website's database, a breach of customer or user data, reputational damage, and potential regulatory fines for non-compliance with data protection standards.

Immediate Action: Immediately update the "Propovoice: All-in-One Client Management System" plugin to the latest version provided by the vendor, which contains a patch for this vulnerability. If the plugin is not critical to business operations, consider deactivating and removing it entirely to eliminate the attack surface.

Proactive Monitoring: Monitor web server access logs for suspicious requests targeting the Propovoice plugin's files or functions. Specifically, look for requests containing directory traversal patterns (e.g., ../, %2e%2e/) in URL parameters. Implement alerts for multiple failed access attempts or unusual file access patterns originating from a single IP address.

Compensating Controls: If immediate patching is not feasible, implement a Web Application Firewall (WAF) with rules designed to detect and block directory traversal attacks. Additionally, enforce strict file permissions on the web server to limit the files that the web server's user account can access, reducing the impact of a potential breach.

Public Exploit Available: false

Given the high severity (CVSS 7.5) of this vulnerability and the potential for complete data compromise, immediate action is strongly recommended. Organizations should prioritize applying the vendor-supplied patch to all affected WordPress instances. Although this vulnerability is not currently listed on the CISA KEV catalog, its straightforward nature makes it a prime target for future exploitation, and it should be remediated in accordance with internal patching policies for high-risk vulnerabilities.