{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-2249", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-03-12T13:44:01.903Z", "datePublished": "2025-03-29T07:03:32.151Z", "dateUpdated": "2026-04-08T17:33:31.208Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:33:31.208Z"}, "affected": [{"vendor": "sojweb", "product": "SoJ SoundSlides", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.2.2", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The SoJ SoundSlides plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the soj_soundslides_options_subpanel() function in all versions up to, and including, 1.2.2. This makes it possible for authenticated attackers, with Contributor-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible."}], "title": "SoJ Soundslides <= 1.2.2 - Authenticated (Contributor+) Arbitrary File Upload", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f648e7f3-d93a-4a46-ae77-81a94880869c?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/soj-soundslides/tags/1.2.2/soj-soundslides.php"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-434 Unrestricted Upload of File with Dangerous Type", "cweId": "CWE-434", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "baseScore": 8.8, "baseSeverity": "HIGH"}}], "credits": [{"lang": "en", "type": "finder", "value": "Hoang Phuc Vo"}], "timeline": [{"time": "2025-03-28T18:36:30.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-03-31T14:30:33.236264Z", "id": "CVE-2025-2249", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-31T14:30:47.916Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-2249", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-03-31T14:30:33.236264Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-31T14:30:43.356Z"}}], "cna": {"title": "SoJ Soundslides <= 1.2.2 - Authenticated (Contributor+) Arbitrary File Upload", "credits": [{"lang": "en", "type": "finder", "value": "Hoang Phuc Vo"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}}], "affected": [{"vendor": "sojweb", "product": "SoJ SoundSlides", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.2.2"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-03-28T18:36:30.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f648e7f3-d93a-4a46-ae77-81a94880869c?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/soj-soundslides/tags/1.2.2/soj-soundslides.php"}], "descriptions": [{"lang": "en", "value": "The SoJ SoundSlides plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the soj_soundslides_options_subpanel() function in all versions up to, and including, 1.2.2. This makes it possible for authenticated attackers, with Contributor-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-434", "description": "CWE-434 Unrestricted Upload of File with Dangerous Type"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:33:31.208Z"}}}, "cveMetadata": {"cveId": "CVE-2025-2249", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:33:31.208Z", "dateReserved": "2025-03-12T13:44:01.903Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-03-29T07:03:32.151Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The SoJ SoundSlides plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the soj_soundslides_options_subpanel() function in all versions up to, and including, 1.2.2. This makes it possible for authenticated attackers, with Contributor-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible."}, {"lang": "es", "value": "El complemento SoJ SoundSlides para WordPress es vulnerable a la carga de archivos arbitrarios debido a la falta de validaci\u00f3n del tipo de archivo en la funci\u00f3n soj_soundslides_options_subpanel() en todas las versiones hasta la 1.2.2 incluida. Esto permite que atacantes autenticados, con acceso de Colaborador o superior, carguen archivos arbitrarios en el servidor del sitio afectado, lo que podr\u00eda posibilitar la ejecuci\u00f3n remota de c\u00f3digo."}], "id": "CVE-2025-2249", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-03-29T07:15:17.747", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/soj-soundslides/tags/1.2.2/soj-soundslides.php"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f648e7f3-d93a-4a46-ae77-81a94880869c?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-434"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-20T23:26:11.408139+00:00", "value": {"mitigation_remediation": ["Upgrade the SoJ SoundSlides plugin to version 1.2.3 or later, which removes the missing file type validation.", "If an immediate upgrade is not possible, revoke Contributor and higher roles from all users or lock the plugin\u2019s upload capability until a patch is applied.", "As a temporary measure, implement server\u2011side file type validation or move the upload directory outside the web root to prevent execution of uploaded files."], "summary": {"action": "Apply Patch", "impact": "Arbitrary File Upload with potential Remote Code Execution"}, "threat_synthesis": {"affected_systems": "WordPress installations that use the SoJ SoundSlides plugin in version 1.2.2 or earlier are affected. The plugin allows file uploads only when a user has Contributor-level access or higher. No other versions or editions of the plugin are known to be impacted.", "description_and_impact": "The SoJ SoundSlides WordPress plugin is vulnerable due to missing file type validation in the soj_soundslides_options_subpanel() function in all releases up to 1.2.2. The flaw permits authenticated attackers who hold at least Contributor permissions to upload arbitrary files to the site\u2019s server, which may lead to remote code execution if the attacker can place executable code or scripts. The security weakness is identified as CWE-434 \"Missing Restriction on File Uploads.\"", "risk_and_exploitability": "The vulnerability carries a CVSS v3.1 score of 8.8, indicating a high severity and substantial impact. The EPSS score of 2% suggests a modest but non\u2011negligible probability of exploitation. The flaw is not listed in CISA\u2019s KEV catalog, but the combination of authentication requirement and lack of validation makes it attractive to attackers with legitimate contributor access. Exploitation would require a logged\u2011in Contributor or higher user to execute the upload functionality, after which the attacker could place malicious code in web\u2011accessible locations."}}}}, "created": "2025-07-13T11:22:25.810168+00:00", "updated": "2026-04-20T23:30:16.123315+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress"]}