cbcvebase.
CVE-2025-32257
published 2025-04-04

CVE-2025-32257: Exposure of Sensitive System Information Due to Uncleared Debug Information vulnerability in 1clickmigration 1 Click WordPress Migration 1-click-migration…

Priority: P2 76
Severity: medium 5.3 (CVSS 3.1)
Vector: AV:N / AC:L / PR:N / UI:N / S:U / C:L / I:N / A:N
Tags: ITW, EXPLOIT, VulnCheck KEV
Exploited in the wild
EPSS: 0.78% (51.5th percentile)

Exposure of Sensitive System Information Due to Uncleared Debug Information vulnerability in 1clickmigration 1 Click WordPress Migration 1-click-migration allows Retrieve Embedded Sensitive Data. This issue affects 1 Click WordPress Migration: from n/a through <= 2.5.7.

Affected

3 ranges
Vendor | Product | Version range | Fixed in
1clickmigration | 1_click_wordpress_migration | <= 2.5.7 |
msrc | cbl2_hyperv-daemons_5.15.145.2-1_on_cbl_mariner_2.0 | |
msrc | cbl2_kernel_5.15.135.1-2_on_cbl_mariner_2.0 | |

Detection & IOCs (extracted from sources)

path: /wp-content/plugins/1-click-migration/ocm_debug.log
  • HTTP GET request to /wp-content/plugins/1-click-migration/ocm_debug.log returning HTTP 200 with body containing 'debug log content', 'SYSLOG', and 'Archiving plugins' indicates successful unauthenticated information disclosure exploitation.
  • FOFA/asset discovery query for exposed instances: search for body containing '/wp-content/plugins/1-click-migration/' to identify potentially vulnerable WordPress sites.
  • No authentication is required to exploit this vulnerability; any unauthenticated HTTP GET to the debug log path is sufficient.
  • The NVD advisory states the vulnerable version range is 'from n/a through <= 2.5.7', but the Nuclei template targets '<= 2.2'. Ensure detection coverage accounts for the full affected range up to and including 2.5.7.
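
The request-side indicator above can also be checked retrospectively in web server access logs. The following is an added example, not part of the original entry or of any referenced template: it assumes Apache/nginx Combined Log Format, and the function names and sample lines are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Path named on this page as the exposed debug log.
DEBUG_LOG = "/wp-content/plugins/1-click-migration/ocm_debug.log"

# Combined Log Format: ip ident user [time] "METHOD target PROTO" status bytes ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\d+|-)'
)

def normalize(target):
    """Drop the query string, percent-decode, collapse repeated slashes."""
    path = unquote(target.split("?", 1)[0])
    return re.sub(r"/{2,}", "/", path).lower()

def scan(lines):
    """Return one finding per request for the debug log, with a verdict."""
    findings = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m or not normalize(m["target"]).endswith(DEBUG_LOG):
            continue
        size = 0 if m["size"] == "-" else int(m["size"])
        # The page names HTTP 200; 206 (range request) is an added assumption.
        served = m["status"] in ("200", "206") and size > 0
        findings.append({
            "ip": m["ip"], "time": m["ts"], "status": int(m["status"]),
            "bytes": size, "verdict": "disclosed" if served else "probed",
        })
    return findings

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE = [
    '203.0.113.7 - - [05/Apr/2025:10:12:01 +0000] "GET /wp-content/plugins/1-click-migration/ocm_debug.log HTTP/1.1" 200 48213 "-" "-"',
    '198.51.100.23 - - [05/Apr/2025:10:13:44 +0000] "GET /blog//wp-content/plugins/1-click-migration/ocm%5Fdebug.log?x=1 HTTP/1.1" 200 1022 "-" "-"',
    '198.51.100.23 - - [05/Apr/2025:10:13:50 +0000] "GET /wp-content/plugins/1-click-migration/ocm_debug.log HTTP/1.1" 404 153 "-" "-"',
    '192.0.2.10 - - [05/Apr/2025:10:14:02 +0000] "GET /wp-content/plugins/1-click-migration/readme.txt HTTP/1.1" 200 900 "-" "-"',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding)
```

A "disclosed" verdict means the log file was served to the requester and its contents should be treated as exposed; "probed" means the path was requested but nothing was returned.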

CVSS provenance

nvd | v3.1 | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
vendor_msrc | 8.1 | HIGH