{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-6423", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-06-20T14:34:30.122Z", "datePublished": "2025-07-12T07:24:24.664Z", "dateUpdated": "2026-04-08T17:10:10.393Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:10:10.393Z"}, "affected": [{"vendor": "beeteam368", "product": "BeeTeam368 Extensions", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.3.5", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The BeeTeam368 Extensions plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the handle_submit_upload_file() function in all versions up to, and including, 2.3.5. This makes it possible for authenticated attackers with Subscriber-level access or higher to upload arbitrary files on the affected site's server which may make remote code execution possible."}], "title": "BeeTeam368 Extensions <= 2.3.5 - Authenticated (Subscriber+) Arbitrary File Upload", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/96170b82-6ed9-4a52-8592-944163cdd3cf?source=cve"}, {"url": "https://themeforest.net/item/vidmov-video-wordpress-theme/35542187#item-description__change-log"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-434 Unrestricted Upload of File with Dangerous Type", "cweId": "CWE-434", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "baseScore": 8.8, "baseSeverity": "HIGH"}}], "credits": [{"lang": "en", "type": "finder", "value": "Marco Wotschka"}], "timeline": [{"time": "2025-06-20T19:26:03.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2025-07-11T18:49:36.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-07-14T14:41:08.810053Z", "id": "CVE-2025-6423", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-14T20:12:26.577Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-6423", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-07-14T14:41:08.810053Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-14T14:41:14.287Z"}}], "cna": {"title": "BeeTeam368 Extensions <= 2.3.5 - Authenticated (Subscriber+) Arbitrary File Upload", "credits": [{"lang": "en", "type": "finder", "value": "Marco Wotschka"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}}], "affected": [{"vendor": "beeteam368", "product": "BeeTeam368 Extensions", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "2.3.5"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-06-20T19:26:03.000Z", "value": "Vendor Notified"}, {"lang": "en", "time": "2025-07-11T18:49:36.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/96170b82-6ed9-4a52-8592-944163cdd3cf?source=cve"}, {"url": "https://themeforest.net/item/vidmov-video-wordpress-theme/35542187#item-description__change-log"}], "descriptions": [{"lang": "en", "value": "The BeeTeam368 Extensions plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the handle_submit_upload_file() function in all versions up to, and including, 2.3.5. This makes it possible for authenticated attackers with Subscriber-level access or higher to upload arbitrary files on the affected site's server which may make remote code execution possible."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-434", "description": "CWE-434 Unrestricted Upload of File with Dangerous Type"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2025-07-12T07:24:24.664Z"}}}, "cveMetadata": {"cveId": "CVE-2025-6423", "state": "PUBLISHED", "dateUpdated": "2025-07-14T20:12:26.577Z", "dateReserved": "2025-06-20T14:34:30.122Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-07-12T07:24:24.664Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The BeeTeam368 Extensions plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the handle_submit_upload_file() function in all versions up to, and including, 2.3.5. This makes it possible for authenticated attackers with Subscriber-level access or higher to upload arbitrary files on the affected site's server which may make remote code execution possible."}, {"lang": "es", "value": "El complemento BeeTeam368 Extensions para WordPress es vulnerable a la carga de archivos arbitrarios debido a la falta de validaci\u00f3n del tipo de archivo en la funci\u00f3n handle_submit_upload_file() en todas las versiones hasta la 2.3.5 incluida. Esto permite que atacantes autenticados con acceso de suscriptor o superior carguen archivos arbitrarios en el servidor del sitio afectado, lo que podr\u00eda posibilitar la ejecuci\u00f3n remota de c\u00f3digo."}], "id": "CVE-2025-6423", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-07-12T08:15:23.367", "references": [{"source": "security@wordfence.com", "url": "https://themeforest.net/item/vidmov-video-wordpress-theme/35542187#item-description__change-log"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/96170b82-6ed9-4a52-8592-944163cdd3cf?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-434"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-22T01:06:52.395880+00:00", "value": {"mitigation_remediation": ["Upgrade BeeTeam368 Extensions to the latest released version that removes the unchecked file\u2011type validation.", "If an immediate update is not possible, disable or limit the file upload capability for Subscriber and higher roles, so only trusted administrators can upload files.", "Add server\u2011side MIME type and extension checks or consult a security plugin that enforces strict upload validation, thereby addressing the CWE\u2011434 weakness."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "The vulnerability affects the BeeTeam368 Extensions plugin for WordPress up to and including version 2.3.5. All site owners running any of these versions are potentially exposed until an updated release is applied.", "description_and_impact": "The BeeTeam368 Extensions plugin for WordPress contains an unchecked file\u2011type validation flaw in its handle_submit_upload_file() routine. Because any authenticated user with Subscriber or higher privileges can upload any file that passes the size tests, the flaw enables an attacker to place a malicious script on the site\u2019s server, creating a path to remote code execution. This is an unrestricted file upload weakness (CWE-434) rated with a CVSS v3.1 score of 8.8, indicating high severity.", "risk_and_exploitability": "The CVSS score of 8.8 signals a high impact if the flaw is abused, but the EPSS of <1% suggests low current exploitation activity. The flaw requires an authenticated session, so it is not remote from the outset. However, any subscriber or user with elevated privileges can trigger exploitation, making it a significant risk for sites with broad Subscriber permissions. Without a patch, an attacker may launch a hostile file upload that could lead to arbitrary code execution."}}}}, "created": "2025-07-13T11:06:11.377216+00:00", "updated": "2026-04-22T01:15:07.306692+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress"]}