CVE-2025-2780: Woffice Core <= 5.4.21 - Authenticated (Subscriber+) Arbitrary File Upload
First published: Fri Apr 04 2025(Updated: )
The Woffice Core plugin for WordPress, used by the Woffice Theme, is vulnerable to arbitrary file uploads due to missing file type validation in the 'saveFeaturedImage' function in all versions up to, and including, 5.4.21. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
Credit: security@wordfence.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Woffice Core | <=5.4.21 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-2780?
CVE-2025-2780 has a high severity due to the risk of arbitrary file uploads.
How do I fix CVE-2025-2780?
To fix CVE-2025-2780, update the Woffice Core plugin to version 5.4.22 or later.
Who is affected by CVE-2025-2780?
All users of the Woffice Core plugin versions up to and including 5.4.21 are affected by CVE-2025-2780.
What type of attack does CVE-2025-2780 enable?
CVE-2025-2780 enables authenticated attackers to upload arbitrary files to the server.
Is CVE-2025-2780 related to WordPress themes or plugins?
CVE-2025-2780 specifically affects the Woffice Core plugin used in conjunction with the Woffice Theme in WordPress.
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/references
- agent/type
- agent/title
- agent/first-publish-date
- agent/description
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- agent/author
- agent/severity
- agent/source
- agent/tags
- agent/event
- vendor/woffice
- canonical/woffice core