exploitDog

CVE-2025-2780

Опубликовано: 04 апр. 2025

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

The Woffice Core plugin for WordPress, used by the Woffice Theme, is vulnerable to arbitrary file uploads due to missing file type validation in the 'saveFeaturedImage' function in all versions up to, and including, 5.4.21. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

Ссылки

https://hub.woffice.io/woffice/changelog#april-1st-2025-version-5422
Release Notes
https://www.wordfence.com/threat-intel/vulnerabilities/id/7d057ac6-a341-4ec3-956c-2a2a5636155c?source=cve
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:xtendify:woffice:*:*:*:*:*:wordpress:*:*

Версия до 5.4.22 (исключая)

EPSS

Процентиль: 80%

0.01355

Низкий

8.8 High

CVSS3

Дефекты

CWE-434

Связанные уязвимости

GHSA-w6f5-g24g-5g9g

CVSS3: 9.8

github

10 месяцев назад

The Woffice Core plugin for WordPress, used by the Woffice Theme, is vulnerable to arbitrary file uploads due to missing file type validation in the 'saveFeaturedImage' function in all versions up to, and including, 5.4.21. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

EPSS

Процентиль: 80%

0.01355

Низкий

8.8 High

CVSS3

Дефекты

CWE-434