{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-3917", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-04-24T10:22:46.708Z", "datePublished": "2025-05-15T03:21:38.842Z", "dateUpdated": "2026-04-08T17:00:18.944Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:00:18.944Z"}, "affected": [{"vendor": "kelerkgibo", "product": "SEO\u5408\u96c6(\u652f\u6301\u767e\u5ea6/Google/Bing/\u5934\u6761\u63a8\u9001)", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.0.6", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The \u767e\u5ea6\u7ad9\u957fSEO\u5408\u96c6(\u652f\u6301\u767e\u5ea6/\u795e\u9a6c/Bing/\u5934\u6761\u63a8\u9001) plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the download_remote_image_to_media_library function in all versions up to, and including, 2.0.6. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible."}], "title": "\u767e\u5ea6\u7ad9\u957fSEO\u5408\u96c6(\u652f\u6301\u767e\u5ea6/\u795e\u9a6c/Bing/\u5934\u6761\u63a8\u9001) <= 2.0.6 - Unauthenticated Arbitrary File Upload", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/70361501-8adc-499a-91d2-cf91fab5934a?source=cve"}, {"url": "https://wordpress.org/plugins/baiduseo/"}, {"url": "https://plugins.trac.wordpress.org/browser/baiduseo/tags/2.0.6/inc/index/youhua.php#L371"}, {"url": "https://plugins.trac.wordpress.org/changeset/3293597"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-434 Unrestricted Upload of File with Dangerous Type", "cweId": "CWE-434", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL"}}], "credits": [{"lang": "en", "type": "finder", "value": "Youcef Hamdani"}], "timeline": [{"time": "2025-04-21T00:00:00.000Z", "lang": "en", "value": "Discovered"}, {"time": "2025-05-14T14:24:14.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-05-15T14:12:09.007857Z", "id": "CVE-2025-3917", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-15T14:22:38.309Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-3917", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-05-15T14:12:09.007857Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-15T14:22:23.556Z"}}], "cna": {"title": "\u767e\u5ea6\u7ad9\u957fSEO\u5408\u96c6(\u652f\u6301\u767e\u5ea6/\u795e\u9a6c/Bing/\u5934\u6761\u63a8\u9001) <= 2.0.6 - Unauthenticated Arbitrary File Upload", "credits": [{"lang": "en", "type": "finder", "value": "Youcef Hamdani"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}}], "affected": [{"vendor": "kelerkgibo", "product": "SEO\u5408\u96c6(\u652f\u6301\u767e\u5ea6/Google/Bing/\u5934\u6761\u63a8\u9001)", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "2.0.6"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-04-21T00:00:00.000Z", "value": "Discovered"}, {"lang": "en", "time": "2025-05-14T14:24:14.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/70361501-8adc-499a-91d2-cf91fab5934a?source=cve"}, {"url": "https://wordpress.org/plugins/baiduseo/"}, {"url": "https://plugins.trac.wordpress.org/browser/baiduseo/tags/2.0.6/inc/index/youhua.php#L371"}, {"url": "https://plugins.trac.wordpress.org/changeset/3293597"}], "descriptions": [{"lang": "en", "value": "The \u767e\u5ea6\u7ad9\u957fSEO\u5408\u96c6(\u652f\u6301\u767e\u5ea6/\u795e\u9a6c/Bing/\u5934\u6761\u63a8\u9001) plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the download_remote_image_to_media_library function in all versions up to, and including, 2.0.6. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-434", "description": "CWE-434 Unrestricted Upload of File with Dangerous Type"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:00:18.944Z"}}}, "cveMetadata": {"cveId": "CVE-2025-3917", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:00:18.944Z", "dateReserved": "2025-04-24T10:22:46.708Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-05-15T03:21:38.842Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The \u767e\u5ea6\u7ad9\u957fSEO\u5408\u96c6(\u652f\u6301\u767e\u5ea6/\u795e\u9a6c/Bing/\u5934\u6761\u63a8\u9001) plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the download_remote_image_to_media_library function in all versions up to, and including, 2.0.6. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible."}, {"lang": "es", "value": "El complemento ????SEO??(????/??/Bing/????) para WordPress es vulnerable a la carga de archivos arbitrarios debido a la falta de validaci\u00f3n del tipo de archivo en la funci\u00f3n download_remote_image_to_media_library en todas las versiones hasta la 2.0.6 incluida. Esto permite que atacantes no autenticados carguen archivos arbitrarios en el servidor del sitio afectado, lo que podr\u00eda posibilitar la ejecuci\u00f3n remota de c\u00f3digo."}], "id": "CVE-2025-3917", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-05-15T04:16:12.617", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/baiduseo/tags/2.0.6/inc/index/youhua.php#L371"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset/3293597"}, {"source": "security@wordfence.com", "url": "https://wordpress.org/plugins/baiduseo/"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/70361501-8adc-499a-91d2-cf91fab5934a?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-434"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-21T20:48:42.254995+00:00", "value": {"mitigation_remediation": ["Update the Baidu SEO Collection plugin to the latest version (\u2265\u202f2.0.7) that includes the file type validation fix; if no update is available, uninstall the plugin.", "If the plugin must remain active, configure the web server or WordPress to reject file uploads of executable types (e.g., .php, .phtml) and set the upload directory\u2019s permissions to non\u2011executable.", "Enable logging of file uploads and monitor for suspicious activity, blocking offending IP addresses or sources."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "WordPress sites using the Baidu SEO Collection plugin, versions up to and including 2.0.6, are impacted. The plugin is identified by the vendor product name kelerkgibo:SEO\u5408\u96c6. Sites that have not applied a later version are susceptible.", "description_and_impact": "The Baidu SEO Collection plugin for WordPress contains a flaw that allows attackers to upload any file without type validation. An unauthenticated attacker can place a malicious script on the server, potentially enabling remote code execution. The flaw falls under CWE\u2011434 and can compromise the entire site if exploited.", "risk_and_exploitability": "The vulnerability carries a CVSS score of 9.8, indicating critical severity, and an EPSS score of 2%, suggesting that while exploitation is possible, it is not yet widespread. Attackers can reach the vulnerable functionality without authentication, upload arbitrary files via the download_remote_image_to_media_library routine, and if the file is executable, run arbitrary code. The issue is not listed in CISA\u2019s KEV catalog but remains a high\u2011risk concern for exposed WordPress installations."}}}}, "created": "2025-07-13T11:06:43.683191+00:00", "updated": "2026-04-21T21:00:35.999887+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress"]}