CVE-2025-13062
BaseFortify
Publication date: 2026-01-15
Last updated on: 2026-01-15
Assigner: Wordfence
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| unknown_vendor | supreme_modules_lite | up to and including 2.5.62 |
| unknown_vendor | supreme_modules_for_divi | 2.5.63 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-434 | The product allows the upload or transfer of dangerous file types that are automatically processed within its environment. |
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability in the Supreme Modules Lite WordPress plugin (up to version 2.5.62) is due to insufficient validation of file types during uploads. Specifically, the plugin fails to properly detect JSON files, allowing attackers with author-level access or higher to upload files with double extensions that bypass sanitization. This arbitrary file upload flaw can enable attackers to place malicious files on the server, potentially leading to remote code execution. [1]
How can this vulnerability impact me?
This vulnerability can allow an authenticated attacker with author-level access or above to upload arbitrary files to the affected WordPress site. Such file uploads can lead to remote code execution on the server, compromising the site's security, potentially allowing data theft, site defacement, or full server takeover. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
To detect this vulnerability, check whether your WordPress site is running the Supreme Modules Lite plugin at version 2.5.62 or earlier. Additionally, monitoring for suspicious file uploads with double extensions (e.g., file.php.json) or for unexpected JSON file uploads by authenticated users with author-level access or higher can help identify exploitation attempts. Specific commands depend on your environment, but on the server you can, for example, run `find /path/to/wordpress/wp-content/uploads/ -type f -regex '.*\.php\.json$'` to locate files with double extensions. Reviewing web server logs for POST requests to upload endpoints by author-level users may also help. Note that no explicit commands are provided in the resources. [1]
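A defender-side check that goes one step beyond the `find` one-liner above, added here as an example and not BaseFortify's or the plugin's own code: it walks an uploads tree, flags file names with an executable inner extension followed by a second extension (the double-extension pattern the answer describes), and also flags `.json` uploads whose content does not actually parse as JSON. The directory layout and file contents are constructed for the run; point `scan_uploads` at your real `wp-content/uploads` directory instead.

```python
"""Scan a WordPress uploads directory for double-extension uploads (e.g. file.php.json)
and for .json files whose content is not JSON.  Added example; the sample tree built
by build_sample_tree() is constructed and stands in for wp-content/uploads."""
import json
import re
import tempfile
from pathlib import Path

# Inner extensions a PHP-enabled web server may execute if they are reachable under the webroot.
EXECUTABLE_EXTS = ("php", "phtml", "php5", "php7", "phar")
# Matches "<name>.<executable ext>.<anything>", e.g. preset.php.json
DOUBLE_EXT = re.compile(r"\.(" + "|".join(EXECUTABLE_EXTS) + r")\.[A-Za-z0-9]+$", re.IGNORECASE)


def scan_uploads(root):
    """Return a sorted list of (relative_path, reason) for every suspicious file under root."""
    root = Path(root)
    findings = []
    for path in root.rglob("*"):
        if not path.is_file():
            continue
        rel = path.relative_to(root).as_posix()
        if DOUBLE_EXT.search(path.name):
            findings.append((rel, "double extension with executable inner type"))
            continue
        if path.suffix.lower() == ".json":
            # A .json upload the plugin accepted should at least be well-formed JSON.
            try:
                json.loads(path.read_text(encoding="utf-8", errors="replace"))
            except ValueError:
                findings.append((rel, "json extension but content is not valid JSON"))
    return sorted(findings)


def build_sample_tree():
    """Construct a throwaway uploads tree with two benign and two suspicious files."""
    root = Path(tempfile.mkdtemp(prefix="wp_uploads_"))
    month = root / "2026" / "01"
    month.mkdir(parents=True)
    (month / "layout.json").write_text('{"modules": []}')            # benign JSON
    (month / "photo.jpg").write_bytes(b"\xff\xd8\xff\xe0")             # benign image
    (month / "preset.php.json").write_text('{"modules": []}')        # double extension
    (month / "theme.json").write_text("<?php echo 'not json'; ?>")   # .json that is not JSON
    return root


if __name__ == "__main__":
    for rel, reason in scan_uploads(build_sample_tree()):
        print(f"{rel}: {reason}")
```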
What immediate steps should I take to mitigate this vulnerability?
The immediate step to mitigate this vulnerability is to update the Supreme Modules Lite plugin to version 2.5.63 or later, which includes fixes improving JSON file handling and file type validation to prevent arbitrary file uploads. This update addresses the vulnerability by correctly identifying JSON files and preventing bypass of sanitization checks. Until the update is applied, restrict author-level user permissions if possible and monitor for suspicious file uploads. [1]