CVE-2025-23942
Published: 22 January 2025
Summary
CVE-2025-23942 is a critical-severity Unrestricted Upload of File with Dangerous Type (CWE-434) vulnerability in the WP Load Gallery WordPress plugin, affecting all versions through 2.1.6. Its CVSS base score is 9.1 (Critical).
Operationally, exploitation maps to the MITRE ATT&CK technique Web Shell (T1505.003). The CVE ranks in the top 2.3% of CVEs by exploit likelihood (EPSS) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation), i.e. updating the plugin to a fixed release, and SI-10 (Information Input Validation), i.e. allow-list validation of uploaded files.
Deeper analysis
The vulnerability is an unrestricted upload of a file with a dangerous type, tracked as CWE-434, in the WP Load Gallery WordPress plugin by ngocuct0912. It affects all versions through 2.1.6 and permits an authenticated user holding high privileges to upload arbitrary files, including PHP web shells, directly to the web server. The issue carries a CVSS 3.1 score of 9.1: network attack vector, low attack complexity, high privileges required, no user interaction, changed scope, and high impact on confidentiality, integrity, and availability.
An attacker holding a high-privileged account on the affected WordPress site can exploit the flaw over the network to place a web shell under the web root and then execute it with a plain HTTP request. Successful exploitation grants the ability to run arbitrary commands as the web server user, potentially leading to full site takeover or lateral movement within the hosting environment. The high-privilege precondition limits the pool of attackers to administrators (or anyone who has phished or brute-forced an administrator account), but it does not reduce the impact once that foothold exists.
The Patchstack advisory documents the arbitrary file upload vulnerability in WP Load Gallery 2.1.6 and below, directing administrators to apply updates once released by the plugin maintainer. Until a fixed release is available, deactivating the plugin removes the vulnerable upload handler.
EPSS currently sits at 0.4495, an estimated 45% probability of exploitation activity within the next 30 days, and has not moved materially upward since disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-3556
Vulnerability details
Unrestricted Upload of File with Dangerous Type vulnerability in ngocuct0912 WP Load Gallery wp-load-gallery allows Upload a Web Shell to a Web Server. This issue affects WP Load Gallery: from n/a through <= 2.1.6.
- CWE(s): CWE-434 (Unrestricted Upload of File with Dangerous Type)
Related Threats
MITRE ATT&CK Enterprise Techniques
- T1505.003 Server Software Component: Web Shell
Why these techniques?
The vulnerability is an arbitrary file upload (CWE-434) that explicitly enables uploading a web shell to the WordPress server. That is exactly the behaviour T1505.003 describes: a script placed on a web server and invoked over HTTP as a persistent backdoor for command execution.
Mitigating Controls
Mitigating Controls (NIST 800-53 r5)
SI-2 requires timely remediation of known flaws such as this arbitrary file upload in the WP Load Gallery plugin. Updating to a fixed release (or deactivating the plugin until one exists) removes the vulnerable code path and is the only control that fully closes the issue.
SI-10 mandates validation of information inputs, including file uploads. For a gallery plugin that means an allow-list of image extensions checked against the file's actual content rather than its declared name or MIME type, rejection of double extensions such as shell.php.jpg, and a server configuration that never executes PHP from the uploads directory. Together these address the root cause of an unrestricted upload; any one of them alone leaves a bypass.
SI-3 deploys malicious code protection to scan for and block web shells dropped through the plugin's upload feature. Web shells are frequently obfuscated and evade signature-based scanning, so SI-3 should be treated as a detective backstop for incident response, not as a substitute for patching.
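The two technical controls above, allow-list validation of an incoming upload (SI-10) and a scan of an existing uploads tree for web-shell candidates (SI-3), as an added example. This is illustrative code written for this page, not the WP Load Gallery plugin's code and not a WordPress API; the extension lists, magic-byte prefixes and the sample files the demo writes into a temporary directory are constructed assumptions. On a real WordPress host the native equivalents are wp_check_filetype_and_ext() for the validation step and a web-server rule denying PHP execution under wp-content/uploads.

```python
"""Added example: upload allow-listing (SI-10) and uploads-tree scanning (SI-3)."""
import os
import re
import tempfile
from typing import List, Tuple

# Extensions a gallery plugin legitimately needs; everything else is rejected.
# (Assumption for this example; a real plugin may need a different list.)
ALLOWED_EXT = {"jpg", "jpeg", "png", "gif", "webp"}

# Leading bytes each allowed type must start with, so the content is checked,
# not just the name the client chose.
MAGIC = {
    "jpg": b"\xff\xd8\xff",
    "jpeg": b"\xff\xd8\xff",
    "png": b"\x89PNG\r\n\x1a\n",
    "gif": b"GIF8",
    "webp": b"RIFF",
}

# Extensions a PHP-enabled web server may execute even when they appear in the
# middle of a name (Apache AddHandler can run shell.php.jpg as PHP).
EXECUTABLE_EXT = {"php", "php3", "php4", "php5", "php7", "phtml", "phar", "phps"}

PHP_TAG = re.compile(rb"<\?(php|=)", re.IGNORECASE)


def validate_upload(filename: str, content: bytes) -> Tuple[bool, str]:
    """Return (accepted, reason). Accept only files provably plain images."""
    name = os.path.basename(filename)
    if name != filename or name.startswith("."):
        return False, "path component or dotfile in name"
    parts = name.lower().split(".")
    if len(parts) < 2:
        return False, "no extension"
    ext = parts[-1]
    if any(p in EXECUTABLE_EXT for p in parts[1:]):
        return False, "executable extension in name: " + name
    if ext not in ALLOWED_EXT:
        return False, "extension not in allow-list: " + ext
    if not content.startswith(MAGIC[ext]):
        return False, "content does not match declared type"
    if PHP_TAG.search(content):
        return False, "PHP open tag inside image data"
    return True, "ok"


def scan_uploads(root: str) -> List[Tuple[str, str]]:
    """Walk an uploads tree and flag web-shell candidates with a reason."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for f in files:
            path = os.path.join(dirpath, f)
            parts = f.lower().split(".")
            reason = None
            if f == ".htaccess":
                # A dropped .htaccess can re-enable PHP execution for images.
                reason = "htaccess in uploads tree"
            elif any(p in EXECUTABLE_EXT for p in parts[1:]):
                reason = "executable extension under uploads"
            else:
                with open(path, "rb") as fh:
                    head = fh.read(65536)
                if PHP_TAG.search(head):
                    reason = "PHP open tag in non-PHP file"
            if reason:
                rel = os.path.relpath(path, root).replace(os.sep, "/")
                findings.append((rel, reason))
    return sorted(findings)


def build_sample_tree() -> str:
    """Write a constructed sample uploads tree (not real data) and return its root."""
    root = tempfile.mkdtemp(prefix="uploads-")
    samples = {
        "2025/01/photo.jpg": b"\xff\xd8\xff\xe0" + b"\x00" * 32,
        "2025/01/shell.php": b"<?php system($_GET['c']); ?>",
        "2025/01/cover.php.jpg": b"\xff\xd8\xff\xe0 dummy",
        "2025/01/logo.png": b"\x89PNG\r\n\x1a\n<?php eval($_POST['x']); ?>",
        "2025/01/.htaccess": b"AddHandler application/x-httpd-php .jpg\n",
    }
    for rel, data in samples.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)
    return root


if __name__ == "__main__":
    for rel, why in scan_uploads(build_sample_tree()):
        print(rel, "->", why)
```

The validator rejects on the first failed check and says why, which is what an application log needs; the scanner is the post-incident view of the same rules applied to files that already reached disk, plus a check for a dropped .htaccess. Neither catches a web shell hidden in a genuinely valid image that is later included by another PHP file, so the server-side rule that refuses to execute PHP under the uploads directory remains the control that closes that path.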