Arbitrary File Upload Vulnerability in Insert or Embed Articulate Content for WordPress
CVE-2025-32202

9.1CRITICAL

Key Information:

Vendor: WordPress
Status: Insert Or Embed Articulate Content Into WordPress
Vendor: CVE Published:; 10 April 2025

What is CVE-2025-32202?

The vulnerability in the Insert or Embed Articulate Content plugin for WordPress allows attackers to upload malicious files to the server, leading to potential web shell access. This poses significant security risks, enabling unauthorized control and exploitation of the website. Users are urged to update their plugin to mitigate exposure to this vulnerability.

Affected Version(s)

Insert or Embed Articulate Content into WordPress <= 4.3000000025

References

https://patchstack.com/database/wordpress/plugin/insert-o...

vdb-entry

CVSS V3.1

Score:

9.1

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 10, 2025