WordPress LFI to RCE - CVE-2025-0366
by Serious - Saturday February 22, 2025 at 06:00 PM
Banned

Posts: 4
Threads: 4
Joined: Feb 2025
Reputation: 10
#1
02-22-2025, 06:00 PM (This post was last modified: 02-22-2025, 06:03 PM by Serious.)
Jupiter X Core, a popular Wordpress Plugin with more than 90,000 users worldwide, is vulnerable to a high-severity flaw that allows threat actors to run arbitrary files on the server, essentially giving them the ability to fully take over target websites, experts have warned. 
  
WordPress security researchers Wordfence revealed it was found to be vulnerable to a “Local File Inclusion to Remote Code Execution” flaw, now tracked as CVE-2025-0366. It has a severity score of 8.8/10 (high) and affects all versions up to, and including 4.8.7.
Jupiter X Core is a companion plugin for the Jupiter X WordPress theme, developed by Artbees. It extends the functionality of the theme by adding advanced features, such as custom page-building elements, theme customizer options, and enhanced design controls. The plugin is primarily used by web designers, developers, and business owners.
SVG uploads as the problem
“This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files,” Wordfence explained. “This can be used to bypass access controls, obtain sensitive data, or achieve code execution.”
 
The Jupiter X Core plugin for WordPress is vulnerable to Local File Inclusion to Remote Code Execution in all versions up to, and including, 4.8.7 via the get_svg() function. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution. In this specific case, an attacker can create a form that allows SVG uploads, upload an SVG file with malicious content and then include the SVG file in a post to achieve remote code execution. This means it is relatively easy to gain remote code execution as a contributor-level user and above by default.
This forum account is currently banned. Ban Length: (Permanent)
Ban Reason: Attempting to sell IDs/real documents
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  New Zer0 Day Wordpress A3g00n 62 2,073 08-08-2025, 04:37 PM
Last Post: asdf12fgd
  CVE-2025-29927 - POC loganpaul09 26 1,187 08-06-2025, 01:12 PM
Last Post: Fuc0
  new wordpress website takeover vuln (video + poc ) zinzeur 302 26,060 08-06-2025, 10:39 AM
Last Post: k4mui
  [WordPress] Contact Form - SQL Injection Vuln Friday 147 18,154 08-04-2025, 04:20 AM
Last Post: 1blackman
  Nginx RCE - 2025 - March loganpaul09 5 444 08-04-2025, 01:58 AM
Last Post: CLOBELSECTEAM

Forum Jump:


 Users browsing this thread: 1 Guest(s)