Greenshift 11.4 – 11.4.5 – Authenticated (Subscriber+) Arbitrary File Upload | CVE 2025-3616 | Plugin Vulnerabilities

Description

The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the gspb_make_proxy_api_request() function in versions 11.4 to 11.4.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. The arbitrary file upload was sufficiently patched in 11.4.5, but a capability check was added in 11.4.6 to properly prevent unauthorized limited file uploads.

Affects Plugins

greenshift-animation-and-page-builder-blocks

Fixed in 11.4.6

References

CVE

URL

https://www.wordfence.com/threat-intel/vulnerabilities/id/0db4671e-1989-44a4-babe-ed699c7f3a52

Miscellaneous

Original Researcher

mikemyers

Verified

No

WPVDB ID

73494c87-5fa7-4759-8e54-89d18f48b4cd

Timeline

Publicly Published

2025-04-21 (about 1 year ago)

Added

2025-04-21 (about 1 year ago)

Last Updated

2025-04-22 (about 1 year ago)

Other

Published

Title

Published

2026-03-20

Title

Photo Engine (Media Organizer & Lightroom) < 6.5.0 - Authenticated (Author+) Arbitrary File Upload

Published

2026-03-18

Title

Wishlist Member <= 3.29.0 - Authenticated (Subscriber+) Arbitrary File Upload

Published

2022-11-21

Title

Motors - Car Dealer, Classifieds & Listing < 1.4.4 - Arbitrary File Upload

Published

2025-05-16

Title

Printcart Web to Print Product Designer for WooCommerce < 2.4.0 - Unauthenticated Arbitrary File Upload

Published

2023-04-18

Title

OoohBoi Steroids for Elementor < 2.1.5 - Arbitrary File Upload