CVE-2025-32257
published 2025-04-04
CVE-2025-32257: Exposure of Sensitive System Information Due to Uncleared Debug Information vulnerability in 1clickmigration 1 Click WordPress Migration 1-click-migration…
Priority P276 · medium · 5.3 (CVSS 3.1)
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
ITW · EXPLOIT · VulnCheck KEV
Exploited in the wild
EPSS: 0.78% (51.5th percentile)
Exposure of Sensitive System Information Due to Uncleared Debug Information vulnerability in 1clickmigration 1 Click WordPress Migration 1-click-migration allows Retrieve Embedded Sensitive Data. This issue affects 1 Click WordPress Migration: from n/a through <= 2.5.7.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| 1clickmigration | 1_click_wordpress_migration | <= 2.5.7 | — |
| msrc | cbl2_hyperv-daemons_5.15.145.2-1_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_kernel_5.15.135.1-2_on_cbl_mariner_2.0 | — | — |
Detection & IOCs (extracted from sources)
- An HTTP GET request to /wp-content/plugins/1-click-migration/ocm_debug.log that returns HTTP 200 with a body containing 'debug log content', 'SYSLOG', and 'Archiving plugins' indicates successful unauthenticated information disclosure.
- FOFA/asset discovery query for exposed instances: search for a body containing '/wp-content/plugins/1-click-migration/' to identify potentially vulnerable WordPress sites.
- No authentication is required to exploit this vulnerability; any unauthenticated HTTP GET to the debug log path is sufficient.
- The NVD advisory states the vulnerable version range is 'from n/a through <= 2.5.7', but the Nuclei template targets '<= 2.2'. Ensure detection coverage accounts for the full affected range up to and including 2.5.7.
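The log-side view of the indicator above, as an added example that is not taken from any of the quoted sources: it scans web server access-log lines for requests to the debug log path and separates responses that were actually served from probes that were blocked or missed. The Combined Log Format, the function names and the sample lines are assumptions.

```python
import re
from collections import defaultdict
from posixpath import normpath
from urllib.parse import unquote

# Path named in the detection notes above.
DEBUG_LOG_PATH = "/wp-content/plugins/1-click-migration/ocm_debug.log"

# Assumed format (Combined Log Format): ip ident user [time] "METHOD target PROTO" status bytes ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\d+|-)'
)

def canonical_path(target):
    """Drop the query string, percent-decode, collapse '//' and '/./', lowercase."""
    path = unquote(target.split("?", 1)[0])
    return normpath("/" + path.lstrip("/")).lower()

def classify(line):
    """Return (ip, verdict) for a request to the debug log path, else None."""
    m = LINE_RE.match(line)
    if not m or canonical_path(m["target"]) != DEBUG_LOG_PATH:
        return None
    # A GET answered with 200/206 and a non-empty body means the log left the server.
    served = m["method"] == "GET" and m["status"] in ("200", "206") and m["size"] not in ("-", "0")
    return m["ip"], "disclosed" if served else "probe"

def scan(lines):
    """Summarise hits per client IP as {ip: {'disclosed': n, 'probe': n}}."""
    hits = defaultdict(lambda: {"disclosed": 0, "probe": 0})
    for line in lines:
        result = classify(line)
        if result:
            hits[result[0]][result[1]] += 1
    return dict(hits)

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE = [
    '203.0.113.7 - - [05/Apr/2025:10:12:01 +0000] "GET /wp-content/plugins/1-click-migration/ocm_debug.log HTTP/1.1" 200 48213 "-" "-"',
    '203.0.113.7 - - [05/Apr/2025:10:12:09 +0000] "GET /wp-content/plugins//1-click-migration/./ocm_debug%2Elog?x=1 HTTP/1.1" 200 48213 "-" "-"',
    '198.51.100.23 - - [05/Apr/2025:11:40:55 +0000] "GET /wp-content/plugins/1-click-migration/ocm_debug.log HTTP/1.1" 404 153 "-" "-"',
    '198.51.100.23 - - [05/Apr/2025:11:40:56 +0000] "HEAD /wp-content/plugins/1-click-migration/ocm_debug.log HTTP/1.1" 200 0 "-" "-"',
    '192.0.2.44 - - [05/Apr/2025:12:00:00 +0000] "GET /wp-login.php HTTP/1.1" 200 5120 "-" "-"',
]

if __name__ == "__main__":
    print(scan(SAMPLE))
```

Access logs do not record response bodies, so the body markers listed above ('SYSLOG', 'Archiving plugins') cannot be confirmed from this data; a "disclosed" verdict means the file was served and its contents should be treated as exposed.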
CVSS provenance
nvd · v3.1 · 5.3 MEDIUM · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
vendor_msrc · 8.1 HIGH
GHSA
GHSA-297g-cjpm-qw2x: Exposure of Sensitive System Information Due to Uncleared Debug Information vulnerability in 1clickmigration 1 Click WordPress Migration allows Retrie
ghsa_unreviewed·2025-04-04
CVE-2025-32257 [MEDIUM] CWE-1258 GHSA-297g-cjpm-qw2x: Exposure of Sensitive System Information Due to Uncleared Debug Information vulnerability in 1clickmigration 1 Click WordPress Migration allows Retrie
Exposure of Sensitive System Information Due to Uncleared Debug Information vulnerability in 1clickmigration 1 Click WordPress Migration allows Retrieve Embedded Sensitive Data. This issue affects 1 Click WordPress Migration: from n/a through 2.2.
VulnCheck
1clickmigration 1_click_migration Exposure of Sensitive System Information Due to Uncleared Debug Information
vulncheck·2025
CVE-2025-32257 1clickmigration 1_click_migration Exposure of Sensitive System Information Due to Uncleared Debug Information
Exposure of Sensitive System Information Due to Uncleared Debug Information vulnerability in 1clickmigration 1 Click WordPress Migration 1-click-migration allows Retrieve Embedded Sensitive Data. This issue affects 1 Click WordPress Migration: from n/a through <= 2.5.7.
Affected: 1clickmigration 1_click_migration
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://tracker.crowdsec.net/cves/CVE-2025-32257
Microsoft
Session race condition remote code execution vulnerability
vendor_msrc·2023-07-11·CVSS 8.1
CVE-2023-32257 [HIGH] CWE-667 Session race condition remote code execution vulnerability
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mariner
redhat: redhat
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Reference: https://
No detection rules found.
Nuclei
1 Click WordPress Migration <= 2.2 - Unauthenticated Information Disclosure
nuclei
CVE-2025-32257 1 Click WordPress Migration <= 2.2 - Unauthenticated Information Disclosure
1 Click WordPress Migration <= 2.2 contains an information disclosure caused by uncleared debug information, letting attackers retrieve embedded sensitive data, exploit requires no specific privileges.
Template:
```yaml
id: CVE-2025-32257

info:
  name: 1 Click WordPress Migration <= 2.2 - Unauthenticated Information Disclsoure
  author: pussycat0x
  severity: medium
  description: |
    1 Click WordPress Migration <= 2.2 contains an information disclosure caused by uncleared debug information, letting attackers retrieve embedded sensitive data, exploit requires no specific privileges.
  impact:
    Attackers can access sensitive embedded data, potentially leading to information disclosure and further exploitation.
  remediation:
    Remove deb
```
No writeups or analysis indexed.
2025-04-04
Published
Exploited in the wild