CVE-2025-13646

High CVSS: 7.5

The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'ajax_unzip_file' function in versions 2.13.1 to 2.13.2. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files with race condition on the affected site's server which may make remote code execution possible.

Vendor

Wpchill

Product

Modula Image Gallery

CWE

CWE-434

Yayın Tarihi

2025-12-03 03:16:00

Güncelleme

2025-12-15 15:41:08

Source Identifier

security@wordfence.com

KEV Date Added

Kategoriler

CWE-434 Modula Image Gallery HIGH Wpchill 2025

Referanslar

https://github.com/WPChill/modula-lite/blob/master/includes/admin/class-modula-gallery-upload.php#L1103 https://github.com/WPChill/modula-lite/commit/90c8eb982f71b31584d9be9359e3b594e03927d7 https://plugins.trac.wordpress.org/changeset/3395701/modula-best-grid-gallery#file5 https://plugins.trac.wordpress.org/changeset/3407949/modula-best-grid-gallery https://www.wordfence.com/threat-intel/vulnerabilities/id/59ee0ca2-846d-4ae8-ad19-7c3826861aeb?source=cve

Benzer Kayıtlar

High

CVE-2025-13645

The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path val…

Medium

CVE-2024-9416

The Modula Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's bundled Fanc…

High

CVE-2024-12853

The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validatio…

Medium

CVE-2024-11282

The Passster – Password Protect Pages and Content plugin for WordPress is vulnerable to Sensitive Information Exposure i…