CVE-2025-31070 HIGH

CVE-2025-31070: WordPress HTML5 Radio Player - WPBakery Page Builder Addon plugin <= 2.5 - Arbitrary File Download vulnerability

Vendor Lambertgroup
Product HTML5 Radio Player - WPBakery Page Builder Addon
Weakness CWE-22 · Path traversal
Published July 16, 2025
Last update April 28, 2026

CVSS base score

7.5/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

What the vulnerability does

01 Description

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in LambertGroup HTML5 Radio Player - WPBakery Page Builder Addon lbg-cleverbakery allows Path Traversal. This issue affects HTML5 Radio Player - WPBakery Page Builder Addon: from n/a through <= 2.5.

Explanation of Vulnerability in Simple Terms

02 Summary

The HTML5 Radio Player addon for WPBakery Page Builder in versions 2.5 and earlier contains a path traversal vulnerability. An attacker can read arbitrary files from the server by manipulating file path parameters. No authentication is required, and the vulnerability can be exploited remotely without user interaction. This allows exposure of sensitive configuration files, database credentials, and other protected content.

What an attacker can do

03 Attacker Capabilities

Read arbitrary files from the server, including configuration files and credentials.

Potential impact on your site

04 Site Impact

Sensitive files like wp-config.php, database backups, and API keys may be exposed to attackers.
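Added example, not part of the original advisory or the plugin's code: a log triage script that flags requests to the plugin's directory whose decoded URL carries a parent-directory segment or one of the sensitive file names mentioned above, and notes whether the server answered with a body. Assumptions: the plugin lives at /wp-content/plugins/lbg-cleverbakery/ (default layout, slug taken from the description), the access log is in combined format, and example.php and p= in the constructed sample lines are placeholders because the advisory does not name the affected script or parameter.

```python
import re
from urllib.parse import unquote

# Assumption: default plugins directory plus the slug given in the description.
PLUGIN_PREFIX = "/wp-content/plugins/lbg-cleverbakery/"
REQUEST_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) (\S+)')
# A ".." path segment bounded by separators, checked after decoding.
TRAVERSAL_RE = re.compile(r'(^|[/=&?])\.\.(/|$)')
SENSITIVE = ("wp-config", ".sql", ".env")  # config, DB backups, API keys

SAMPLE_LOG = [  # constructed lines; example.php and p= are placeholders
    '203.0.113.7 - - [16/Jul/2025:10:00:01 +0000] "GET /wp-content/plugins/lbg-cleverbakery/example.php?p=..%2F..%2F..%2Fwp-config.php HTTP/1.1" 200 3120',
    '203.0.113.7 - - [16/Jul/2025:10:00:02 +0000] "GET /wp-content/plugins/lbg-cleverbakery/example.php?p=%252e%252e%252fwp-config.php HTTP/1.1" 403 199',
    '198.51.100.4 - - [16/Jul/2025:10:00:05 +0000] "GET /wp-content/plugins/lbg-cleverbakery/css/style.css?ver=2.5 HTTP/1.1" 200 812',
    '198.51.100.4 - - [16/Jul/2025:10:00:06 +0000] "GET /index.php?p=../x HTTP/1.1" 200 10',
]

def fully_decode(value, rounds=3):
    """Percent-decode repeatedly so double-encoded input (%252e) is normalised."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def classify(line):
    """Return None for unrelated or clean requests, else a dict describing the hit."""
    m = REQUEST_RE.match(line)
    if not m:
        return None
    ip, _method, target, status, size = m.groups()
    if PLUGIN_PREFIX not in fully_decode(target.split("?", 1)[0]).lower():
        return None
    decoded = fully_decode(target).lower().replace("\\", "/")
    reasons = []
    if TRAVERSAL_RE.search(decoded):
        reasons.append("parent-directory segment")
    if any(name in decoded for name in SENSITIVE):
        reasons.append("sensitive file name")
    if not reasons:
        return None
    # A 200 with a non-empty body means file content may have been returned.
    served = status == "200" and size not in ("-", "0")
    return {"ip": ip, "target": target, "reasons": reasons, "served": served}

def scan(lines):
    return [hit for hit in map(classify, lines) if hit]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

Hits with served set to True are the ones to prioritise: treat any credentials in the returned file as exposed and rotate them.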

Conditions required to exploit

05 Prerequisites

Network access only; no authentication or user interaction required.

Key dates

06 Disclosure timeline

July 16, 2025 CVE published
April 28, 2026 Record updated