CVE-2025-10147
BaseFortify
Publication date: 2025-09-23
Last updated on: 2025-09-24
Assigner: Wordfence
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| podlove | podcast_publisher | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-434 | The product allows the upload or transfer of dangerous file types that are automatically processed within its environment. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-10147 is a vulnerability in the Podlove Podcast Publisher plugin for WordPress that allows unauthenticated attackers to upload arbitrary files to the server. This happens because the plugin's 'move_as_original_file' function lacks proper file type validation, enabling attackers to bypass restrictions and upload malicious files disguised as images. The vulnerability is related to the plugin's image caching and downloading process, where insufficient validation of downloaded files can lead to arbitrary file uploads and potentially remote code execution. [1, 2]
How can this vulnerability impact me? :
This vulnerability can have severe impacts including allowing attackers to upload arbitrary files to your server without authentication. Such files could be malicious scripts that enable remote code execution, leading to full compromise of the affected WordPress site. This can result in data theft, site defacement, unauthorized access, or use of the server for further attacks. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection can focus on identifying arbitrary file uploads or suspicious files in the plugin's cache directories. Since the vulnerability involves missing file type validation in the 'move_as_original_file' function, monitoring for unexpected file types or files with dangerous extensions in the Podlove Podcast Publisher plugin's cache or upload directories is recommended. Additionally, reviewing WordPress logs for warnings related to file operations or failed image validations may help. Specific commands could include scanning the plugin's upload/cache directories for files with suspicious extensions (e.g., php, phtml, pl, py) using commands like: `find /path/to/wordpress/wp-content/plugins/podlove-podcasting-plugin-for-wordpress/ -type f \( -iname '*.php' -o -iname '*.phtml' -o -iname '*.pl' -o -iname '*.py' \)` and checking web server access logs for unusual POST requests to the plugin endpoints. However, no explicit detection commands are provided in the resources. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include updating the Podlove Podcast Publisher plugin to version 4.2.7 or later, where the vulnerability is fixed by implementing strict image file validation to block malicious uploads. The patch adds multiple validation layers including MIME type checks, WordPress helper validation, and an explicit denylist of dangerous file extensions. Additionally, ensure your WordPress installation is at least version 4.9.6 and PHP version 8.0 or higher, as required by the patch. Monitoring logs for warnings about file validation failures and disabling image caching via the `PODLOVE_DISABLE_IMAGE_CACHE` constant can also help reduce risk until the update is applied. [2]