{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-3053", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-03-31T18:21:21.862Z", "datePublished": "2025-05-15T04:21:49.507Z", "dateUpdated": "2026-04-08T16:58:08.759Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:58:08.759Z"}, "affected": [{"vendor": "admintwentytwenty", "product": "UiPress lite | Effortless custom dashboards, admin themes and pages", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.5.07", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The UiPress lite | Effortless custom dashboards, admin themes and pages plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 3.5.07 via the uip_process_form_input() function. This is due to the function taking user supplied inputs to execute arbitrary functions with arbitrary data, and does not have any sort of capability check. This makes it possible for authenticated attackers, with Subscriber-level access and above, to execute arbitrary code on the server."}], "title": "UiPress lite | Effortless custom dashboards, admin themes and pages <= 3.5.07 - Authenticated (Subscriber+) Remote Code Execution", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6717adb0-27bc-4cd4-8c34-bea59bc0e016?source=cve"}, {"url": "https://plugins.trac.wordpress.org/changeset/3292552/uipress-lite/trunk/admin/core/ajax-functions.php"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-94 Improper Control of Generation of Code ('Code Injection')", "cweId": "CWE-94", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "baseScore": 8.8, "baseSeverity": "HIGH"}}], "credits": [{"lang": "en", "type": "finder", "value": "cynau1t"}, {"lang": "en", "type": "finder", "value": "TIANGONG Team"}], "timeline": [{"time": "2025-05-14T00:00:00.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-05-15T15:17:44.642836Z", "id": "CVE-2025-3053", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-15T15:18:05.861Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-3053", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-05-15T15:17:44.642836Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-15T15:17:59.859Z"}}], "cna": {"title": "UiPress lite | Effortless custom dashboards, admin themes and pages <= 3.5.07 - Authenticated (Subscriber+) Remote Code Execution", "credits": [{"lang": "en", "type": "finder", "value": "cynau1t"}, {"lang": "en", "type": "finder", "value": "TIANGONG Team"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}}], "affected": [{"vendor": "admintwentytwenty", "product": "UiPress lite | Effortless custom dashboards, admin themes and pages", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "3.5.07"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-05-14T00:00:00.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6717adb0-27bc-4cd4-8c34-bea59bc0e016?source=cve"}, {"url": "https://plugins.trac.wordpress.org/changeset/3292552/uipress-lite/trunk/admin/core/ajax-functions.php"}], "descriptions": [{"lang": "en", "value": "The UiPress lite | Effortless custom dashboards, admin themes and pages plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 3.5.07 via the uip_process_form_input() function. This is due to the function taking user supplied inputs to execute arbitrary functions with arbitrary data, and does not have any sort of capability check. This makes it possible for authenticated attackers, with Subscriber-level access and above, to execute arbitrary code on the server."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-94", "description": "CWE-94 Improper Control of Generation of Code ('Code Injection')"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:58:08.759Z"}}}, "cveMetadata": {"cveId": "CVE-2025-3053", "state": "PUBLISHED", "dateUpdated": "2026-04-08T16:58:08.759Z", "dateReserved": "2025-03-31T18:21:21.862Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-05-15T04:21:49.507Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The UiPress lite | Effortless custom dashboards, admin themes and pages plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 3.5.07 via the uip_process_form_input() function. This is due to the function taking user supplied inputs to execute arbitrary functions with arbitrary data, and does not have any sort of capability check. This makes it possible for authenticated attackers, with Subscriber-level access and above, to execute arbitrary code on the server."}, {"lang": "es", "value": "El complemento UiPress lite | Effortless custom dashboards, admin themes and pages para WordPress es vulnerable a la ejecuci\u00f3n remota de c\u00f3digo en todas las versiones hasta la 3.5.07 incluida, a trav\u00e9s de la funci\u00f3n uip_process_form_input(). Esto se debe a que la funci\u00f3n utiliza las entradas proporcionadas por el usuario para ejecutar funciones arbitrarias con datos arbitrarios y no cuenta con ning\u00fan tipo de verificaci\u00f3n de capacidad. Esto permite que atacantes autenticados, con acceso de suscriptor o superior, ejecuten c\u00f3digo arbitrario en el servidor."}], "id": "CVE-2025-3053", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-05-15T05:15:50.830", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset/3292552/uipress-lite/trunk/admin/core/ajax-functions.php"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6717adb0-27bc-4cd4-8c34-bea59bc0e016?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-21T20:47:53.447719+00:00", "value": {"mitigation_remediation": ["Upgrade UiPress lite to the latest release (3.5.08 or newer) which removes the vulnerability.", "If a patch cannot be applied immediately, temporarily disable the plugin's AJAX handling by deleting or renaming the ajax-functions.php file to prevent execution of the vulnerable function.", "Reduce Subscriber-level access by revoking or disabling the Subscriber role for accounts that do not require it, or restrict the plugin\u2019s usage to administrative roles only until the patch is applied."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "All releases of UiPress lite up to and including version 3.5.07 are affected. WordPress sites that have installed these versions of the plugin and have it active are at risk.", "description_and_impact": "CVE identifies that the UiPress lite plugin for WordPress is vulnerable to remote code execution because its uip_process_form_input() function executes user\u2011supplied arguments without verifying the caller's privileges. This flaw allows authenticated users with Subscriber level or higher access to run arbitrary PHP code on the web server, compromising confidentiality, integrity, and availability of the site.", "risk_and_exploitability": "The vulnerability has a CVSS score of 8.8 and an EPSS score of 2%, indicating high severity and a low but non\u2011zero probability of exploitation. Because it requires authenticated access, attackers must first compromise or hijack a subscriber account; from there the likely attack vector is an authenticated AJAX request to the plugin's endpoint, which triggers uip_process_form_input() and allows arbitrary code injection. The flaw is not currently listed in the CISA KEV catalog, but the combination of high impact and authenticated exploitation warrants immediate action."}}}}, "created": "2026-04-21T21:00:35.997555+00:00", "updated": "2026-04-21T21:00:35.997573+00:00", "vendors": []}