Arbitrary File Upload Vulnerability in Greenshift Plugin for WordPress

CVE-2025-3616

What is CVE-2025-3616?

CVE-2025-3616 is a serious vulnerability identified in the Greenshift plugin for WordPress, developed by WPsoul. This plugin, used for creating animations and page-building blocks on WordPress sites, has a flaw that allows unauthorized file uploads due to inadequate file type validation. This vulnerability can have significant implications for organizations using this plugin, potentially leading to unauthorized access and remote code execution on their servers.

Technical Details

The vulnerability is located in the gspb_make_proxy_api_request() function within the Greenshift plugin's versions 11.4 to 11.4.5. It permits authenticated users with Subscriber-level access or more to upload arbitrary files to the server. This issue was addressed in version 11.4.5, which implemented a patch for the arbitrary file upload capability. Furthermore, version 11.4.6 introduced additional checks to prevent unauthorized limited file uploads, thereby enhancing the security framework of the plugin.

Potential impact of CVE-2025-3616

1. Unauthorized Access: Attackers with lower-level permissions can exploit this vulnerability to upload malicious files, potentially gaining full control over the affected website.

2. Remote Code Execution: The ability for unauthorized users to upload arbitrary files may lead to remote code execution, compromising not only the integrity of the site but also any connected databases or sensitive data.

3. Data Breaches and Malware Spread: The vulnerability could facilitate data breaches, allowing sensitive information to be extracted or manipulated. Furthermore, it creates a pathway for introducing malware into systems, affecting broader network security.

References