CVE-2025-22723
Published: 21 January 2025
Summary
CVE-2025-22723 is a critical-severity Unrestricted Upload of File with Dangerous Type (CWE-434) vulnerability. Its CVSS base score is 9.1 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Web Shell (T1100). The vulnerability is ranked at the 34.2 percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
Timely identification, reporting, and remediation of software flaws, such as updating installations of the Barcode Scanner plugin that are at version 1.6.7 or earlier to a fixed release, directly eliminates the unrestricted file upload vulnerability.
Systematic validation of file upload inputs for type, content, and other attributes prevents the acceptance of dangerous files like web shells.
Enforcing restrictions on file types, extensions, sizes, and upload parameters blocks the introduction of malicious web shells via unrestricted uploads.
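The two input-validation controls above describe an allow-list check on extension, sniffed content and size, with the server rather than the client choosing the stored file name. The following is an added example written for this page; it is not code from the Barcode Scanner plugin or from WordPress core. The allow-list contents, the 2 MiB limit and the `$_FILES`-shaped input array are assumptions chosen for illustration.

```php
<?php
// Added example (not the plugin's code): allow-list validation of an uploaded
// file before it is ever moved into a web-served directory.
declare(strict_types=1);

// Extension -> MIME types libmagic may report for that extension.
// Only the types the feature genuinely needs; no server-executable types.
// (Assumed list for this example.)
const UPLOAD_ALLOWLIST = [
    'png'  => ['image/png'],
    'jpg'  => ['image/jpeg'],
    'jpeg' => ['image/jpeg'],
    'csv'  => ['text/csv', 'text/plain'],
];
const UPLOAD_MAX_BYTES = 2 * 1024 * 1024; // assumed 2 MiB limit

/**
 * Validate one $_FILES entry. Returns ['ok' => true, 'name' => <server name>]
 * or ['ok' => false, 'reason' => <why>]. The client-supplied name and MIME
 * type are only ever used to reject, never to decide where or how to store.
 */
function validate_upload(array $file): array
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        return ['ok' => false, 'reason' => 'upload error ' . ($file['error'] ?? '?')];
    }
    $tmp  = (string) ($file['tmp_name'] ?? '');
    $size = (int) ($file['size'] ?? 0);
    if (!is_file($tmp) || $size <= 0 || $size > UPLOAD_MAX_BYTES) {
        return ['ok' => false, 'reason' => 'missing or oversized file'];
    }

    // 1. Extension: every dotted segment must be on the allow-list, not just the
    //    last one, so "shell.php.png" is rejected as well as "shell.php"
    //    (some web-server handler configurations act on inner extensions).
    //    Trade-off: "my.photo.png" is rejected too, which is acceptable here.
    $parts = explode('.', strtolower(basename((string) ($file['name'] ?? ''))));
    array_shift($parts); // drop the base name
    if ($parts === [] || $parts === ['']) {
        return ['ok' => false, 'reason' => 'no extension'];
    }
    foreach ($parts as $seg) {
        if (!array_key_exists($seg, UPLOAD_ALLOWLIST)) {
            return ['ok' => false, 'reason' => "extension segment '$seg' not allowed"];
        }
    }
    $ext = end($parts);

    // 2. Content: sniff the actual bytes and require them to agree with the
    //    extension. A PHP source file claiming to be .png fails here.
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    $mime  = $finfo->file($tmp) ?: 'application/octet-stream';
    if (!in_array($mime, UPLOAD_ALLOWLIST[$ext], true)) {
        return ['ok' => false, 'reason' => "content type $mime does not match .$ext"];
    }

    // 3. Name: generated server-side; the original name never reaches disk.
    return ['ok' => true, 'name' => bin2hex(random_bytes(16)) . '.' . $ext];
}

// Constructed demo (CLI only): a file with a real PNG header passes,
// a PHP source file with a .png extension and a .php file do not.
if (PHP_SAPI === 'cli') {
    $png = tempnam(sys_get_temp_dir(), 'up');
    file_put_contents($png, "\x89PNG\r\n\x1a\n" . str_repeat("\0", 64));
    $src = tempnam(sys_get_temp_dir(), 'up');
    file_put_contents($src, "<?php echo 1; ?>\n");

    foreach ([
        ['name' => 'photo.png',  'tmp_name' => $png],
        ['name' => 'photo.png',  'tmp_name' => $src], // PHP bytes, image extension
        ['name' => 'index.php',  'tmp_name' => $src],
        ['name' => 'x.php.png',  'tmp_name' => $png], // inner .php segment
    ] as $f) {
        $f += ['error' => UPLOAD_ERR_OK, 'size' => filesize($f['tmp_name'])];
        $r = validate_upload($f);
        printf("%-10s -> %s\n", $f['name'], $r['ok'] ? 'accepted as ' . $r['name'] : 'rejected: ' . $r['reason']);
    }
    unlink($png);
    unlink($src);
}
```

In a real WordPress plugin the same comparison is available through core's `wp_check_filetype_and_ext()` and the `upload_mimes` filter, and the accepted file should still be written with `move_uploaded_file()` to a location that the web server will not execute (outside the document root, or a directory with script execution disabled). Sniffing is weakest for text formats such as CSV, which is why the allow-list above also constrains the extension rather than relying on content detection alone.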
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Unrestricted file upload vulnerability directly enables deployment of web shells on the web server for RCE and persistence.
NVD Description
Unrestricted Upload of File with Dangerous Type vulnerability in Dmitry V. (CEO of "UKR Solution") Barcode Scanner with Inventory & Order Manager barcode-scanner-lite-pos-to-manage-products-inventory-and-orders allows Upload a Web Shell to a Web Server. This issue affects Barcode Scanner with Inventory & Order Manager: from n/a through <= 1.6.7.
Deeper analysis
CVE-2025-22723 is an Unrestricted Upload of File with Dangerous Type vulnerability (CWE-434) in the WordPress plugin Barcode Scanner with Inventory & Order Manager, developed by Dmitry V. (CEO of "UKR Solution") under the identifier barcode-scanner-lite-pos-to-manage-products-inventory-and-orders. Published on 2025-01-21, it affects all versions of the plugin up to and including 1.6.7, enabling attackers to upload a web shell directly to the web server.
The vulnerability carries a CVSS 3.1 score of 9.1 (AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H), indicating exploitation is possible over the network with low complexity and no user interaction, but requires high privileges (PR:H), such as administrative access. A privileged attacker can upload malicious files like web shells, resulting in a scope change that grants high-impact control over confidentiality, integrity, and availability, potentially leading to full server compromise and remote code execution.
The Patchstack advisory (https://patchstack.com/database/Wordpress/Plugin/barcode-scanner-lite-pos-to-manage-products-inventory-and-orders/vulnerability/wordpress-barcode-scanner-and-inventory-manager-plugin-1-6-7-arbitrary-file-upload-vulnerability?_s_id=cve) documents this arbitrary file upload issue in the plugin's version 1.6.7, providing details for WordPress site operators to assess and address exposure.
Details
- CWE(s)