Cyber Posture

CVE-2025-2249

High

Published: 29 March 2025

Modified: 15 April 2026
CVSS Score: 8.8 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0155 (81.5th percentile)
Risk Priority: 19 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Security Summary

CVE-2025-2249 is an arbitrary file upload vulnerability in the SoJ SoundSlides plugin for WordPress, stemming from missing file type validation in the soj_soundslides_options_subpanel() function. It affects all versions up to and including 1.2.2. The vulnerability is rated with a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and is associated with CWE-434 (Unrestricted Upload of File with Dangerous Type).

Authenticated attackers with Contributor-level access or higher can exploit this vulnerability over the network with low complexity and no user interaction required. By uploading arbitrary files to the affected WordPress site's server, they can potentially achieve remote code execution, with high impact on confidentiality, integrity, and availability.

Wordfence's threat intelligence advisory details the vulnerability at https://www.wordfence.com/threat-intel/vulnerabilities/id/f648e7f3-d93a-4a46-ae77-81a94880869c?source=cve, and the plugin's source code for version 1.2.2 is available for review at https://plugins.trac.wordpress.org/browser/soj-soundslides/tags/1.2.2/soj-soundslides.php. No patched version is specified in available information.

Details

CWE(s): CWE-434

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (tactic: Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

T1505.003 Web Shell (tactic: Persistence)
Adversaries may backdoor web servers with web shells to establish persistent access to systems.

Why these techniques?

An arbitrary file upload vulnerability in a public-facing WordPress plugin directly enables exploitation of a public-facing application for initial access (T1190) and facilitates the deployment of web shells to achieve remote code execution (T1505.003).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0