CVE-2025-28915

Severity: CRITICAL
Published: 2025-03-11
CVSS 3.1 base score: 9.1

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Attack Vector: Network
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline

Analysis Generated: Mar 12, 2026 - 19:52 (vuln.today)
CVE Published: Mar 11, 2025 - 21:15 (nvd)

Description

Unrestricted Upload of File with Dangerous Type vulnerability in Theme Egg ThemeEgg ToolKit allows upload of a web shell to a web server. This issue affects ThemeEgg ToolKit: from n/a through 1.2.9.

Analysis

ThemeEgg ToolKit plugin for WordPress (through 1.2.9) allows authenticated administrators to upload web shells via unrestricted file upload. The scope change makes this critical despite requiring admin privileges, as it enables OS-level code execution beyond the WordPress application.

Technical Context

The plugin does not validate uploaded file types (CWE-434), allowing an authenticated administrator to upload a PHP web shell. While admin access is required, the scope change (S:C) indicates the attacker breaks out of the WordPress application to execute arbitrary OS commands.

Affected Products

ThemeEgg ToolKit for WordPress through 1.2.9

Remediation

Remove or update ThemeEgg ToolKit. Enforce MFA for WordPress admin accounts. Implement file upload validation at the server level. Monitor for new PHP files in upload directories.
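As an added example (not part of the vuln.today record or the plugin's own code), a Python scan implementing the last remediation step: it walks an uploads tree and flags files with an executable PHP extension anywhere in the name (so double extensions such as image.php.jpg are caught) or a PHP open tag in their content; the extension list and the constructed sample tree are assumptions.

```python
import os
import tempfile

# Extensions a PHP handler may execute; an assumption, tune to your server.
DANGEROUS_EXTS = {"php", "php3", "php4", "php5", "php7", "phtml", "phar", "phps"}
# Byte signatures of PHP source, checked regardless of file name.
PHP_MARKERS = (b"<?php", b"<?=")

def is_dangerous_name(filename: str) -> bool:
    """True if any extension component is executable, so the double
    extension 'x.php.jpg' is caught as well as 'x.php'."""
    return any(p in DANGEROUS_EXTS for p in filename.lower().split(".")[1:])

def has_php_marker(path: str, limit: int = 4096) -> bool:
    """Content check: look for a PHP open tag in the first `limit` bytes."""
    with open(path, "rb") as fh:
        head = fh.read(limit)
    return any(marker in head for marker in PHP_MARKERS)

def find_dangerous_uploads(root: str) -> list:
    """Walk an uploads tree; return sorted (relative_path, reason) pairs."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            if is_dangerous_name(name):
                findings.append((rel, "executable extension"))
            elif has_php_marker(full):
                findings.append((rel, "php open tag in content"))
    return sorted(findings)

def build_sample_tree() -> str:
    """Constructed sample uploads directory (not real data) for a demo run."""
    root = tempfile.mkdtemp(prefix="uploads-")
    os.makedirs(os.path.join(root, "2025", "03"))
    samples = {  # file name -> constructed content
        "2025/03/photo.jpg": b"\xff\xd8\xff\xe0 jpeg bytes",
        "2025/03/notes.php": b"<?php echo 'placeholder'; ?>",
        "2025/03/image.php.jpg": b"\xff\xd8 disguised jpeg",
        "2025/03/readme.txt": b"<?php /* tag hidden in a .txt */ ?>",
    }
    for rel, data in samples.items():
        with open(os.path.join(root, *rel.split("/")), "wb") as fh:
            fh.write(data)
    return root

if __name__ == "__main__":
    for rel, reason in find_dangerous_uploads(build_sample_tree()):
        print(f"{rel}: {reason}")
```

Run it on a cron schedule against wp-content/uploads and alert on any non-empty result; a legitimate WordPress media library should never contain a hit.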

Priority Score: 68

Score components: KEV 0, EPSS +22.7, CVSS +46, POC 0
