CVE-2025-28915
Published: 11 March 2025
Description
Adversaries may backdoor web servers with web shells to establish persistent access to systems.
Security Summary
CVE-2025-28915 is an Unrestricted Upload of File with Dangerous Type vulnerability (CWE-434) in the ThemeEgg ToolKit WordPress plugin (themeegg-toolkit). It allows attackers to upload a web shell to the web server. The issue affects all versions of the plugin from n/a through 1.2.9.
The vulnerability has a CVSS v3.1 base score of 9.1 (AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H), indicating exploitation over the network with low attack complexity but requiring high privileges, such as administrator access. A successful exploit enables an attacker to upload malicious files like web shells, resulting in high impacts to confidentiality, integrity, and availability, with a change in scope that can lead to full server compromise.
Patchstack's advisory at https://patchstack.com/database/Wordpress/Plugin/themeegg-toolkit/vulnerability/wordpress-themeegg-toolkit-plugin-1-2-9-arbitrary-file-upload-vulnerability?_s_id=cve documents the arbitrary file upload vulnerability in version 1.2.9. Security practitioners should check for plugin updates beyond 1.2.9 to mitigate the issue.
Details
- CWE(s)
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Arbitrary file upload vulnerability in public-facing WordPress plugin directly enables web shell deployment (T1100) and is exploited as a public-facing application (T1190).