{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-12161", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-10-24T13:31:34.382Z", "datePublished": "2025-11-08T03:27:48.931Z", "dateUpdated": "2026-04-08T17:04:54.975Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:04:54.975Z"}, "affected": [{"vendor": "burhandodhy", "product": "Smart Auto Upload Images \u2013 Import External Images", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.2.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Smart Auto Upload Images plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the auto-image creation functionality in all versions up to, and including, 1.2.0. This makes it possible for authenticated attackers, with Contributor-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible."}], "title": "Smart Auto Upload Images <= 1.2.0 - Authenticated (Contributor+) Arbitrary File Upload", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/86dab8e6-b9fd-45ca-bdd1-8665f3bb75f2?source=cve"}, {"url": "https://plugins.trac.wordpress.org/changeset?old_path=%2Fsmart-auto-upload-images%2Ftags%2F1.2.0&old=3388129&new_path=%2Fsmart-auto-upload-images%2Ftags%2F1.2.1&new=3388129&sfp_email=&sfph_mail="}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-434 Unrestricted Upload of File with Dangerous Type", "cweId": "CWE-434", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "baseScore": 8.8, "baseSeverity": "HIGH"}}], "credits": [{"lang": "en", "type": "finder", "value": "Dieu Link"}, {"lang": "en", "type": "finder", "value": "GCSC Vietnam"}], "timeline": [{"time": "2025-10-24T19:33:46.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2025-11-07T00:00:00.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-11-10T14:08:08.251722Z", "id": "CVE-2025-12161", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-10T14:14:47.685Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-12161", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-11-10T14:08:08.251722Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-10T14:08:08.967Z"}}], "cna": {"title": "Smart Auto Upload Images <= 1.2.0 - Authenticated (Contributor+) Arbitrary File Upload", "credits": [{"lang": "en", "type": "finder", "value": "Dieu Link"}, {"lang": "en", "type": "finder", "value": "GCSC Vietnam"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}}], "affected": [{"vendor": "burhandodhy", "product": "Smart Auto Upload Images \u2013 Import External Images", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.2.0"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-10-24T19:33:46.000Z", "value": "Vendor Notified"}, {"lang": "en", "time": "2025-11-07T00:00:00.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/86dab8e6-b9fd-45ca-bdd1-8665f3bb75f2?source=cve"}, {"url": "https://plugins.trac.wordpress.org/changeset?old_path=%2Fsmart-auto-upload-images%2Ftags%2F1.2.0&old=3388129&new_path=%2Fsmart-auto-upload-images%2Ftags%2F1.2.1&new=3388129&sfp_email=&sfph_mail="}], "descriptions": [{"lang": "en", "value": "The Smart Auto Upload Images plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the auto-image creation functionality in all versions up to, and including, 1.2.0. This makes it possible for authenticated attackers, with Contributor-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-434", "description": "CWE-434 Unrestricted Upload of File with Dangerous Type"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:04:54.975Z"}}}, "cveMetadata": {"cveId": "CVE-2025-12161", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:04:54.975Z", "dateReserved": "2025-10-24T13:31:34.382Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-11-08T03:27:48.931Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Smart Auto Upload Images plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the auto-image creation functionality in all versions up to, and including, 1.2.0. This makes it possible for authenticated attackers, with Contributor-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible."}], "id": "CVE-2025-12161", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-11-08T04:15:44.677", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset?old_path=%2Fsmart-auto-upload-images%2Ftags%2F1.2.0&old=3388129&new_path=%2Fsmart-auto-upload-images%2Ftags%2F1.2.1&new=3388129&sfp_email=&sfph_mail="}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/86dab8e6-b9fd-45ca-bdd1-8665f3bb75f2?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-434"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-22T12:53:51.518887+00:00", "value": {"mitigation_remediation": ["Upgrade the Smart Auto Upload Images plugin to version 1.2.1 or later, which adds proper file type validation.", "Restrict the types of files that can be uploaded by configuring the plugin or the server to accept only image MIME types such as image/jpeg, image/png, and image/gif.", "Configure the server so that the upload directory is not executed as code\u2014ensure the directory has appropriate permissions and that files stored there cannot be run as scripts or have PHP execution disabled."], "summary": {"action": "Patch Now", "impact": "Arbitrary file upload with potential remote code execution"}, "threat_synthesis": {"affected_systems": "The vulnerability affects the Smart Auto Upload Images \u2013 Import External Images plugin (burhandodhy) version 1.2.0 and any earlier releases. It is installed on WordPress sites that host the plugin as any user with Contributor or greater roles can exploit the flaw.", "description_and_impact": "The Smart Auto Upload Images plugin for WordPress lacks file type validation in its auto\u2011image creation feature, allowing authenticated users with Contributor-level access or higher to upload arbitrary files. If a malicious file is placed in the plugin\u2019s upload directory and executed by the web server or application, remote code execution can be achieved, compromising the entire site.", "risk_and_exploitability": "The CVSS score of 8.8 indicates high severity, but the EPSS score of less than 1% shows a low probability of exploitation at present. The flaw is not listed in the CISA KEV catalog. An attacker must first obtain valid Contributor-level credentials or compromise such an account through other means. Once authenticated, the attacker can upload a malicious file into the plugin\u2019s upload folder, potentially leading to remote code execution if the web server or application treats the file as executable."}}}}, "created": "2025-11-10T09:33:34.055868+00:00", "updated": "2026-04-22T13:00:09.739883+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress"]}