Cyber Posture

CVE-2025-13543

Severity: High
Published: 04 December 2025
Modified: 15 April 2026
CVSS Score: 8.8 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0007 (21.1st percentile)
Risk Priority: 18 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Description

The PostGallery plugin for WordPress is vulnerable to arbitrary file upload due to incorrect file type validation in the 'PostGalleryUploader' class functions in all versions up to, and including, 1.12.5. This makes it possible for authenticated attackers, with subscriber-level access and above, to upload arbitrary files on the affected site's server, which may make remote code execution possible.

Security Summary

CVE-2025-13543 is an arbitrary file upload vulnerability in the PostGallery plugin for WordPress, affecting all versions up to and including 1.12.5. The issue stems from incorrect file type validation in the 'PostGalleryUploader' class functions, allowing attackers to bypass restrictions and upload malicious files to the server. It carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and maps to CWE-434 (Unrestricted Upload of File with Dangerous Type).

Authenticated attackers with subscriber-level permissions or higher can exploit this vulnerability remotely without user interaction; on sites that allow open user registration, that bar is effectively no bar at all. By uploading a web shell or another executable file into a web-served directory, they can achieve remote code execution on the affected WordPress site, leading to full server compromise with high confidentiality, integrity and availability impact.

Advisories reference the vulnerable source code in PostGalleryUploader.php at https://plugins.trac.wordpress.org/browser/postgallery/tags/1.12.5/admin/PostGalleryUploader.php and provide further details via Wordfence threat intelligence at https://www.wordfence.com/threat-intel/vulnerabilities/id/13348eb5-5001-4ec4-bc6a-44795bbed203?source=cve.
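The advisory describes the weakness only as incorrect file type validation, so the following is an added illustration of the CWE-434 pattern in general, written in Python for this page. It is not PostGallery's PHP code and does not claim to reproduce the plugin's actual check: a hypothetical weak validator that trusts the client's Content-Type and the first extension is placed beside a stricter one that allows a single extension from an allow-list and requires the file's leading bytes to agree with it. All filenames and byte strings are constructed for the example.

```python
"""Weak versus strict file-type validation (CWE-434), as an added model.
Hypothetical code: not the PostGallery plugin's own implementation."""
import re

ALLOWED_EXT = {"jpg", "jpeg", "png", "gif"}
ALLOWED_MIME = {"image/jpeg", "image/png", "image/gif"}
# Leading bytes (magic numbers) for the allowed image types.
MAGIC = {
    b"\xff\xd8\xff": "image/jpeg",
    b"\x89PNG\r\n\x1a\n": "image/png",
    b"GIF87a": "image/gif",
    b"GIF89a": "image/gif",
}
EXT_FOR_MIME = {"image/jpeg": {"jpg", "jpeg"}, "image/png": {"png"}, "image/gif": {"gif"}}


def weak_is_allowed(filename: str, client_mime: str) -> bool:
    """Hypothetical weak check: trusts the Content-Type the client sent and
    looks only at the first extension.  'shell.jpg.php' with a claimed
    image/jpeg passes, and a web server that maps the last extension (or any
    extension, with Apache's multi-extension handling) executes it as PHP."""
    first_ext = filename.split(".")[1].lower() if "." in filename else ""
    return client_mime in ALLOWED_MIME and first_ext in ALLOWED_EXT


def sniff_mime(content: bytes):
    """Return the MIME type implied by the leading bytes, or None."""
    for sig, mime in MAGIC.items():
        if content.startswith(sig):
            return mime
    return None


def strict_is_allowed(filename: str, content: bytes) -> bool:
    """Stricter check: exactly one extension, drawn from an allow-list, and
    the bytes must look like the type that extension claims.  The client's
    Content-Type header is ignored entirely."""
    if "\x00" in filename or "/" in filename or "\\" in filename:
        return False                      # NUL-byte and path tricks
    parts = filename.lower().split(".")
    if len(parts) != 2:
        return False                      # 'a.jpg.php' and 'a.php.' fail here
    stem, ext = parts
    # '.htaccess' has an empty stem and fails this pattern
    if not re.fullmatch(r"[a-z0-9_-]{1,64}", stem) or ext not in ALLOWED_EXT:
        return False
    mime = sniff_mime(content)
    return mime is not None and ext in EXT_FOR_MIME[mime]


if __name__ == "__main__":
    jpeg = b"\xff\xd8\xff\xe0constructed-jpeg-body"
    php = b"<?php system($_GET['c']); ?>"
    for name, claimed, body in [("photo.jpg", "image/jpeg", jpeg),
                                ("shell.jpg.php", "image/jpeg", php),
                                ("shell.php\x00.jpg", "image/jpeg", php)]:
        print(f"{name!r:22} weak={weak_is_allowed(name, claimed)!s:5} "
              f"strict={strict_is_allowed(name, body)}")
```

The magic-byte check alone does not stop a polyglot (a valid JPEG with PHP appended), so the property that matters is that the stored name can never carry an executable extension, combined with denying PHP execution under wp-content/uploads at the web server. WordPress ships wp_check_filetype_and_ext() for the extension-versus-content agreement part of this check; whether a plugin's uploader uses it is what reviewers should verify.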

Details

CWE(s)
CWE-434

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1505.003 Web Shell Persistence
Adversaries may backdoor web servers with web shells to establish persistent access to systems.
Why these techniques?

Arbitrary file upload in public-facing WordPress plugin enables exploitation of public-facing application (T1190) and deployment of web shells for RCE (T1505.003).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0
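To make the T1190 to T1505.003 chain above concrete on the defender's side, here is an added detection example (not part of the original page) that runs over web-server access logs: it flags any request for a PHP-executable name under wp-content/uploads/ and raises the severity when the same client had POSTed to a WordPress upload endpoint shortly before. The log lines are constructed, and the endpoint list assumes, without confirmation from the advisory, that the plugin's upload handler is reached through /wp-admin/admin-ajax.php or /wp-admin/async-upload.php.

```python
"""Access-log detection for upload-then-execute web shell activity.
Added example with constructed log lines; endpoint list is an assumption."""
import re
from datetime import datetime, timedelta

# Apache/nginx combined log format.
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
)
# A PHP-executable extension anywhere in the basename, whether it is the
# last one (shell.jpg.php) or an inner one (shell.php.jpg).
EXEC_EXT = re.compile(r"\.(?:php\d?|phtml|phar)(?=\.|$)", re.IGNORECASE)
# Assumed upload endpoints; extend if the plugin registers its own route.
UPLOAD_ENDPOINTS = ("/wp-admin/admin-ajax.php", "/wp-admin/async-upload.php")

# Constructed sample: one attacker session, one benign image, one stray probe.
SAMPLE_LOG = """\
203.0.113.7 - - [04/Dec/2025:10:00:01 +0000] "POST /wp-login.php HTTP/1.1" 302 0
203.0.113.7 - - [04/Dec/2025:10:00:09 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 87
203.0.113.7 - - [04/Dec/2025:10:00:15 +0000] "GET /wp-content/uploads/2025/12/cache.jpg.php?cmd=id HTTP/1.1" 200 412
198.51.100.5 - - [04/Dec/2025:10:02:40 +0000] "GET /wp-content/uploads/2025/12/holiday.jpg HTTP/1.1" 200 58233
198.51.100.9 - - [04/Dec/2025:11:30:00 +0000] "GET /wp-content/uploads/2025/11/old.php HTTP/1.1" 404 196
"""


def parse_line(line: str):
    """Parse one combined-format line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    rec["status"] = int(rec["status"])
    rec["path"] = rec["path"].split("?", 1)[0]      # drop the query string
    return rec


def detect_webshell_activity(lines, window=timedelta(minutes=15)):
    """One alert per request for a script under wp-content/uploads/.
    Severity is 'high' when the same client POSTed to an upload endpoint
    within `window` beforehand (upload followed by execution), else 'medium'."""
    recent_uploads = {}          # ip -> timestamps of POSTs to upload endpoints
    alerts = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        if rec["method"] == "POST" and rec["path"] in UPLOAD_ENDPOINTS:
            recent_uploads.setdefault(rec["ip"], []).append(rec["ts"])
            continue
        if not rec["path"].startswith("/wp-content/uploads/"):
            continue
        basename = rec["path"].rsplit("/", 1)[-1]
        if not EXEC_EXT.search(basename):
            continue
        prior = [t for t in recent_uploads.get(rec["ip"], [])
                 if 0 <= (rec["ts"] - t).total_seconds() <= window.total_seconds()]
        alerts.append({
            "ip": rec["ip"],
            "path": rec["path"],
            "status": rec["status"],
            "severity": "high" if prior else "medium",
            "prior_upload_posts": len(prior),
        })
    return alerts


def run_sample():
    """Run the detector over the constructed sample log."""
    return detect_webshell_activity(SAMPLE_LOG.splitlines())


if __name__ == "__main__":
    for alert in run_sample():
        print(alert)
```

A 404 on the uploads path (the last sample line) still deserves a look, since it is what a failed exploitation attempt or a cleaned-up shell looks like; a 200 after a recent upload POST from the same address is the high-confidence signal. Pair the log rule with a periodic search of the uploads tree on disk for files matching the same EXEC_EXT pattern, since a shell can also be reached through a path the log rule does not cover.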
