CVE-2025-30933
BaseFortify
Publication date: 2025-07-04
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-434 | The product allows the upload or transfer of dangerous file types that are automatically processed within its environment. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-30933 is a critical vulnerability in the WordPress LogisticsHub Theme (up to version 1.1.6) that allows unauthenticated attackers to upload arbitrary files, including malicious web shells, to the web server. This arbitrary file upload can lead to attackers executing malicious code on the server, gaining unauthorized access and control over the affected website. The vulnerability is classified as an unrestricted upload of dangerous file types and falls under the OWASP Top 10 category A3: Injection. [1]
How can this vulnerability impact me? :
This vulnerability can have severe impacts including complete compromise of the affected website. Attackers can upload and execute malicious backdoors or web shells, allowing them to take full control of the site, steal sensitive data, deface the website, or use the server for further attacks. Since no authentication is required to exploit this vulnerability, it is highly dangerous and likely to be widely exploited. Immediate mitigation is recommended to prevent unauthorized access and damage. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves monitoring for arbitrary file uploads, especially web shells, on the affected WordPress LogisticsHub Theme (up to version 1.1.6). Since attackers can upload malicious backdoors without authentication, scanning the web server directories for unexpected or suspicious files (e.g., PHP web shells) is recommended. Additionally, server-side malware scanning by professional incident response services is advised, as plugin-based malware scanners may be unreliable due to potential tampering by attackers. Specific commands are not provided in the available resources. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying the virtual patch (vPatch) provided by Patchstack, which blocks attack attempts until an official fix is released. This virtual patch can be safely applied and tested to protect websites immediately. If the website is already compromised, it is recommended to engage professional incident response services and perform server-side malware scanning rather than relying on plugin-based malware scanners. [1]