{"id":41817,"date":"2025-05-21T16:59:10","date_gmt":"2025-05-21T16:59:10","guid":{"rendered":""},"modified":"2025-09-10T12:13:43","modified_gmt":"2025-09-10T18:13:43","slug":"cve-2025-4564-arbitrary-file-deletion-vulnerability-in-ticketbai-facturas-para-woocommerce-plugin","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-4564-arbitrary-file-deletion-vulnerability-in-ticketbai-facturas-para-woocommerce-plugin\/","title":{"rendered":"<strong>CVE-2025-4564: Arbitrary File Deletion Vulnerability in TicketBAI Facturas para WooCommerce Plugin<\/strong>"},"content":{"rendered":"<p><strong>Overview<\/strong><\/p>\n<p>In the realm of cybersecurity, the discovery of new vulnerabilities is a common occurrence. CVE-2025-4564 is one such vulnerability that poses a significant threat to WordPress websites that employ the TicketBAI Facturas para WooCommerce plugin. The vulnerability, which arises from insufficient file path validation, allows unauthenticated attackers to delete <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-4317-thegem-wordpress-theme-vulnerability-leading-to-arbitrary-file-uploads\/\"  data-wpil-monitor-id=\"48168\">arbitrary files<\/a> on the server. With a severity score of 9.8, it&#8217;s a <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-43232-critical-permissions-issue-allowing-app-to-bypass-privacy-preferences-in-macos\/\"  data-wpil-monitor-id=\"69143\">critical issue<\/a> that requires immediate attention from webmasters and developers alike.<br \/>\nThe gravity of this vulnerability lies in its potential to lead to <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2024-21325-microsoft-printer-metadata-troubleshooter-tool-remote-code-execution-vulnerability\/\"  data-wpil-monitor-id=\"47729\">remote code execution<\/a>. 
An attacker can exploit this <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-31244-file-quarantine-bypass-vulnerability-in-macos-sequoia-15-5\/\"  data-wpil-monitor-id=\"47849\">vulnerability to delete vital files<\/a> such as wp-config.php, which can easily compromise the entire system or lead to data leakage. This makes it a significant threat to any organization that relies on this popular eCommerce <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-4391-wordpress-echo-rss-feed-post-generator-plugin-arbitrary-file-upload-vulnerability\/\"  data-wpil-monitor-id=\"50854\">plugin for their WordPress<\/a> websites.<\/p>\n<p><strong>Vulnerability Summary<\/strong><\/p>\n<p>CVE ID: CVE-2025-4564<br \/>\nSeverity: Critical (9.8 CVSS Score)<br \/>\nAttack Vector: Network<br \/>\nPrivileges Required: None<br \/>\nUser Interaction: None<br \/>\nImpact: <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-39401-unrestricted-file-upload-leading-to-potential-system-compromise-in-mojoomla-wpams\/\"  data-wpil-monitor-id=\"52068\">System compromise<\/a> or data leakage<\/p>\n<p><strong>Affected Products<\/strong><\/p>\n
<table><thead><tr><th>Product<\/th><th>Affected Versions<\/th><\/tr><\/thead><tbody><tr><td>TicketBAI Facturas para <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-5391-arbitrary-file-deletion-vulnerability-in-woocommerce-purchase-orders-plugin-for-wordpress\/\"  data-wpil-monitor-id=\"81293\">WooCommerce Plugin<\/a><\/td><td>Up to and including 3.18<\/td><\/tr><\/tbody><\/table>\n<p><strong>How the Exploit Works<\/strong><\/p>\n<p>The <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-29445-uncontrolled-search-path-element-vulnerability-leads-to-privilege-escalation\/\"  data-wpil-monitor-id=\"47847\">vulnerability arises from insufficient file path<\/a> validation in the &#8216;delpdf&#8217; action of the TicketBAI Facturas para WooCommerce plugin. 
This allows an unauthenticated attacker to send a specially crafted request to <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-43560-improper-input-validation-vulnerability-in-coldfusion-allowing-arbitrary-code-execution\/\"  data-wpil-monitor-id=\"49350\">delete<\/a> arbitrary files on the server. The severity of the impact depends on the nature of the <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-3812-critical-arbitrary-file-deletion-vulnerability-in-wpbot-pro-wordpress-chatbot-plugin\/\"  data-wpil-monitor-id=\"51196\">deleted file<\/a>. For instance, deletion of the wp-config.php file can lead to remote <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2022-46721-arbitrary-code-execution-vulnerability-in-macos\/\"  data-wpil-monitor-id=\"47740\">code execution<\/a>, thereby compromising the entire system.<\/p>\n<p><strong>Conceptual Example Code<\/strong><\/p>\n<p>An attacker could exploit this <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-47708-cross-site-request-forgery-vulnerability-in-drupal-enterprise-mfa-tfa\/\"  data-wpil-monitor-id=\"49791\">vulnerability using an HTTP request<\/a> like the following:<\/p>\n<pre><code class=\"\" data-line=\"\">GET \/wp-content\/plugins\/ticketbai-facturas-para-woocommerce\/delpdf.php?file=..\/..\/wp-config.php HTTP\/1.1\nHost: target.example.com<\/code><\/pre>\n<p>In this example, the attacker is attempting to delete the wp-config.php file, which is the central configuration <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-4389-arbitrary-file-upload-vulnerability-in-wordpress-crawlomatic-multipage-scraper-post-generator-plugin\/\"  data-wpil-monitor-id=\"51082\">file for WordPress<\/a>. 
If successful, this could <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-31234-input-sanitization-flaw-leading-to-system-termination-and-kernel-memory-corruption\/\"  data-wpil-monitor-id=\"47886\">lead to a full system<\/a> compromise.<\/p>\n<p><strong>Mitigation Guidance<\/strong><\/p>\n<p>The immediate <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-47933-arbitrary-actions-and-cross-site-scripting-vulnerability-in-argo-cd\/\"  data-wpil-monitor-id=\"58450\">action for mitigating this vulnerability<\/a> is to apply the vendor patch. If the patch is not available or cannot be applied immediately, using a Web Application Firewall (WAF) or Intrusion Detection System (IDS) can provide temporary mitigation. Additionally, regular updates and <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-42598-critical-security-vulnerability-in-seiko-epson-printer-drivers-for-windows-os\/\"  data-wpil-monitor-id=\"57593\">security audits can help prevent the exploitation of such vulnerabilities<\/a> in the future.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Overview In the realm of cybersecurity, the discovery of new vulnerabilities is a common occurrence. CVE-2025-4564 is one such vulnerability that poses a significant threat to WordPress websites that employ the TicketBAI Facturas para WooCommerce plugin. The vulnerability, which arises from insufficient file path validation, allows unauthenticated attackers to delete arbitrary files on the server. 
[&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"footnotes":""},"categories":[1],"tags":[],"vendor":[],"product":[],"attack_vector":[80],"asset_type":[],"severity":[],"exploit_status":[],"class_list":["post-41817","post","type-post","status-publish","format-standard","hentry","category-uncategorized","attack_vector-rce"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/41817","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/comments?post=41817"}],"version-history":[{"count":16,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/41817\/revisions"}],"predecessor-version":[{"id":73742,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/41817\/revisions\/73742"}],"wp:attachment":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/media?parent=41817"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/categories?post=41817"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/tags?post=41817"},{"taxonomy":"vendor","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/vendor?post=41817"},{"taxonomy":"product","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/product?post=41817"},{"taxonomy":"attack_vector","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/attack_vector?post=41817"},{"taxonomy":"asset_type","embeddable":true,"href":"https
:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/asset_type?post=41817"},{"taxonomy":"severity","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/severity?post=41817"},{"taxonomy":"exploit_status","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/exploit_status?post=41817"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}