Arbitrary File Upload Vulnerability in Front End Users Plugin for WordPress
CVE-2025-2005

9.8 CRITICAL

Key Information:

Vendor: Rustaurius
Product: Front End Users
CVE Published: 2 April 2025

Badges

📈 Score: 421 | 👾 Exploit Exists | 🟡 Public PoC

What is CVE-2025-2005?

CVE-2025-2005 is a vulnerability in the Front End Users plugin for WordPress, developed by Rustaurius. The plugin extends user registration on WordPress sites by allowing frontend user management. The vulnerability arises from inadequate file type validation during file uploads in the registration form and affects all versions up to and including 3.2.32. As a result, unauthenticated attackers can upload arbitrary files to affected websites, potentially enabling remote code execution.

Technical Details

The vulnerability stems from insufficient validation in the file upload mechanism of the Front End Users plugin. This oversight lets attackers bypass the checks intended to block unauthorized file types and upload harmful files directly onto the server, including scripts or executables designed to compromise the server's integrity or facilitate further exploitation. The vulnerability is present in all versions of the plugin up to and including 3.2.32, so any site running an affected version without appropriate mitigations is exposed.

Potential Impact of CVE-2025-2005

  1. Remote Code Execution: The most concerning implication of this vulnerability is the potential for unauthorized remote code execution. Attackers can execute malicious code on the server, which could lead to full server compromise.

  2. Data Breach Risks: With remote code execution capabilities, attackers may gain access to sensitive data stored on the server, leading to data breaches that could adversely affect user privacy and organizational reputation.

  3. Website Integrity and Availability: The ability to upload arbitrary files may allow attackers to deface websites, deploy malware, or disrupt services. Such actions can severely impact the integrity and availability of affected sites, leading to loss of services and trust from users.

Affected Version(s)

Front End Users <= 3.2.32

CVSS V3.1

Score: 9.8
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • 🟡 Public PoC available

  • 👾 Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

Kishan Vyas