RESTful Content Syndication 1.1.0 – 1.5.0 – Authenticated (Contributor+) Arbitrary File Upload | CVE 2025-12171 | Plugin Vulnerabilities

Description

The RESTful Content Syndication plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ingest_image() function in versions 1.1.0 to 1.5.0. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. This requires the attacker have access to a defined third-party server as specified in the settings, so it is unlikely that this will be exploitable by contributor-level users, and more likely to be exploited by administrators who also have access to the plugin's settings.

Affects Plugins

restful-syndication

Fixed in 1.6.0

References

CVE

URL

https://www.wordfence.com/threat-intel/vulnerabilities/id/99db7ac5-b7ac-4a4f-bd05-e563a3dfb839

Miscellaneous

Original Researcher

kr0d

Verified

No

WPVDB ID

e0bf7e4c-d1e9-4c36-ba3e-b7c98c9b6e0b

Timeline

Publicly Published

2025-10-31 (about 5 months ago)

Added

2025-10-31 (about 5 months ago)

Last Updated

2025-11-01 (about 5 months ago)

Other

Published

Title

Published

2026-03-20

Title

Photo Engine (Media Organizer & Lightroom) < 6.5.0 - Authenticated (Author+) Arbitrary File Upload

Published

2014-08-01

Title

Download Manager 0.2 - Arbitrary File Upload Exploit

Published

2014-08-01

Title

1 Flash Gallery - Arbitrary File Upload Exploit (MSF)

Published

2025-05-08

Title

ELEX WordPress HelpDesk & Customer Ticketing System < 3.3.0 - Subscriber+ Arbitrary File Upload

Published

2025-01-07

Title

4ECPS Web Forms <= 0.2.18 - Unauthenticated Arbitrary File Upload