CVE-2025-31048

CRITICAL
2026-01-05 [email protected]
9.9
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 21:54 vuln.today
CVE Published
Jan 05, 2026 - 11:17 nvd
CRITICAL 9.9

Tags

WordPress PHP RCE Remote Code Execution

Description

Unrestricted Upload of File with Dangerous Type vulnerability in Themify Shopo allows Upload a Web Shell to a Web Server.This issue affects Shopo: from n/a through 1.1.4.

Analysis

Themify Shopo WordPress theme (through 1.1.4) allows authenticated users to upload web shells. Despite requiring low-level authentication, the scope change to CVSS 9.9 means any subscriber account can achieve full server compromise.

Technical Context

The theme does not validate uploaded file types (CWE-434), allowing any authenticated user (including subscribers with minimal WordPress privileges) to upload PHP web shells. The scope change indicates code execution beyond the WordPress application boundary.

Affected Products

Themify Shopo WordPress theme through 1.1.4

Remediation

Update or remove the Shopo theme. Disable user registration if not needed. Implement server-level file upload restrictions (block .php uploads in wp-content/uploads).

Priority Score

50
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +50
POC: 0

Share

CVE-2025-31048 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy