{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-13094", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-11-12T20:54:54.977Z", "datePublished": "2025-12-13T04:31:23.325Z", "dateUpdated": "2026-04-08T16:45:04.101Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:45:04.101Z"}, "affected": [{"vendor": "wp3d", "product": "WP3D Model Import Viewer", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.0.7", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The WP3D Model Import Viewer plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the handle_import_file() function in all versions up to, and including, 1.0.7. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible."}], "title": "WP3D Model Import Viewer <= 1.0.7 - Authenticated (Contributor+) Arbitrary File Upload", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3144f190-232c-40c0-9e4b-d1cedfe52b26?source=cve"}, {"url": "https://wordpress.org/plugins/wp3d-model-import-block/"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-434 Unrestricted Upload of File with Dangerous Type", "cweId": "CWE-434", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "baseScore": 8.8, "baseSeverity": "HIGH"}}], "credits": [{"lang": "en", "type": "finder", "value": "Kenneth Dunn"}], "timeline": [{"time": "2025-12-12T16:19:08.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-12-15T15:21:16.994303Z", "id": "CVE-2025-13094", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-15T15:34:20.067Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-13094", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-12-15T15:21:16.994303Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-15T15:21:18.013Z"}}], "cna": {"title": "WP3D Model Import Viewer <= 1.0.7 - Authenticated (Contributor+) Arbitrary File Upload", "credits": [{"lang": "en", "type": "finder", "value": "Kenneth Dunn"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}}], "affected": [{"vendor": "wp3d", "product": "WP3D Model Import Viewer", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "1.0.7"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-12-12T16:19:08.000+00:00", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3144f190-232c-40c0-9e4b-d1cedfe52b26?source=cve"}, {"url": "https://wordpress.org/plugins/wp3d-model-import-block/"}], "descriptions": [{"lang": "en", "value": "The WP3D Model Import Viewer plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the handle_import_file() function in all versions up to, and including, 1.0.7. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-434", "description": "CWE-434 Unrestricted Upload of File with Dangerous Type"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2025-12-13T04:31:23.325Z"}}}, "cveMetadata": {"cveId": "CVE-2025-13094", "state": "PUBLISHED", "dateUpdated": "2025-12-15T15:34:20.067Z", "dateReserved": "2025-11-12T20:54:54.977Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-12-13T04:31:23.325Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The WP3D Model Import Viewer plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the handle_import_file() function in all versions up to, and including, 1.0.7. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible."}], "id": "CVE-2025-13094", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-12-13T16:16:47.293", "references": [{"source": "security@wordfence.com", "url": "https://wordpress.org/plugins/wp3d-model-import-block/"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3144f190-232c-40c0-9e4b-d1cedfe52b26?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-434"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-28T10:17:23.468932+00:00", "value": {"mitigation_remediation": ["Apply the latest WP3D Model Import Viewer update, if available, to remove the arbitrary file upload flaw.", "Remove or disable the plugin if it is unnecessary for site functionality.", "Enforce strict file\u2011type validation on the server, rejecting non\u2011image or disallowed file types, to mitigate future upload\u2011related threats."], "summary": {"action": "Apply Patch", "impact": "Remote Code Execution potential"}, "threat_synthesis": {"affected_systems": "WordPress sites running the WP3D Model Import Viewer plugin, versions up to and including 1.0.7.", "description_and_impact": "The WP3D Model Import Viewer plugin for WordPress allows authenticated users with Author-level access or higher to upload arbitrary files due to missing file\u2011type validation, a vulnerability classified as CWE\u2011434: Unvalidated File Type. This flaw can be exploited to place malicious files on the server, which may enable remote code execution or other destructive actions against the affected site.", "risk_and_exploitability": "The vulnerability carries a CVSS score of 8.8, indicating high severity, while the EPSS score is below 1%, suggesting the likelihood of exploitation is low but non\u2011zero. It is not listed in the CISA KEV catalog. Attackers need only authenticated Author\u2011level or higher credentials to exploit the flaw, after which uploaded files could be executed or used to compromise the server."}}}}, "created": "2025-12-14T21:14:58.207486+00:00", "updated": "2026-04-28T10:30:29.008418+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress"]}