Platform: wordpress
Component: modula-best-grid-gallery
Fixed in: 2.13.3, 2.13.4
CVE-2025-13645 describes an arbitrary file access vulnerability discovered in the Modula Image Gallery WordPress plugin. This flaw allows authenticated attackers with Author-level access or higher to delete arbitrary files on the server. The most critical impact arises from the potential to delete the wp-config.php file, which could lead to remote code execution. The vulnerability affects versions 2.13.1 through 2.13.2, and a fix is available in version 2.13.3.
The core of the vulnerability lies in insufficient file path validation within the ajaxunzipfile function. An attacker, possessing the necessary authentication credentials (Author role or higher), can exploit this weakness to specify arbitrary file paths for deletion. While direct remote code execution isn't immediately achieved, the ability to delete core WordPress files like wp-config.php creates a pathway to RCE. Deleting wp-config.php would effectively disable the WordPress site and allow an attacker to potentially gain control over the server by replacing the deleted file with a malicious configuration.
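The bug class described above is a missing containment check on a user-supplied path. The plugin itself is PHP and its actual code is not reproduced here; the following is an added Python model (not the project's code) of a deliberately naive path resolver beside a hardened one that canonicalises the path before testing that it stays under the expected directory. The base directory, function names and sample inputs are assumptions chosen for illustration.

```python
import os
from typing import Optional

# Assumed base directory for the illustration; the real plugin's working
# directory is not stated on the page.
UPLOAD_BASE = "/var/www/html/wp-content/uploads/modula"


def naive_resolve(user_path: str, base: str = UPLOAD_BASE) -> str:
    """Model of the weak pattern: join and normalise, but never check that
    the result is still inside `base`. '..' segments walk straight out."""
    return os.path.normpath(os.path.join(base, user_path))


def resolve_within_base(user_path: str, base: str = UPLOAD_BASE) -> Optional[str]:
    """Hardened resolver: return the canonical path only if it remains
    inside `base`, otherwise None.

    realpath() collapses '..' segments and follows symlinks before the
    containment test, so inputs such as 'x/../../wp-config.php' (which
    does not start with '..') and absolute paths (which os.path.join
    lets replace the base entirely) are both rejected.
    """
    base_real = os.path.realpath(base)
    candidate = os.path.realpath(os.path.join(base_real, user_path))
    # Compare against base plus a separator so a sibling directory whose
    # name merely starts with the base name does not pass as a child.
    if candidate == base_real or candidate.startswith(base_real + os.sep):
        return candidate
    return None


if __name__ == "__main__":
    for p in ("galleries/summer.zip", "../../../wp-config.php",
              "x/../../../wp-config.php", "/etc/passwd"):
        print(f"{p!r:35} naive={naive_resolve(p)}  hardened={resolve_within_base(p)}")
```

The containment test alone is the point: deleting or unpacking only after `resolve_within_base` returns a non-None path means the worst an Author-level user can reach is their own upload area, regardless of how the `file` parameter is spelled.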
This vulnerability was publicly disclosed on December 2, 2025. There are currently no known public exploits or active campaigns targeting this vulnerability. It is not listed on the CISA KEV catalog at the time of writing. The CVSS score of 7.2 (HIGH) indicates a significant risk, and the potential for RCE makes it a priority for remediation.
Websites using the Modula Image Gallery plugin, particularly those with multiple users having Author or higher roles, are at risk. Shared hosting environments where users have limited control over file permissions are also at increased risk, as are WordPress installations with outdated security practices and inadequate access controls.
• wordpress / composer / npm:
  grep -r "ajax_unzip_file" /var/www/html/wp-content/plugins/modula-image-gallery/
• wordpress / composer / npm:
  wp plugin list --status=active | grep modula-image-gallery
• wordpress / composer / npm:
  curl -I "http://your-wordpress-site.com/wp-admin/admin-ajax.php?action=modula_ajax_unzip_file&file=../../../../wp-config.php"
Disclosure
Exploit status
EPSS: 1.19% (79th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2025-13645 is to immediately upgrade the Modula Image Gallery plugin to version 2.13.3 or later. If upgrading is not immediately feasible due to compatibility issues or breaking changes, consider restricting file access permissions on the server to limit the potential damage from file deletion. Implement a Web Application Firewall (WAF) rule to block requests to the ajaxunzipfile endpoint with suspicious file paths. Monitor WordPress logs for unusual file deletion activity, particularly targeting core WordPress files.
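For the monitoring and WAF-rule advice above, here is an added Python example (not from the page's source or the plugin vendor) that scans web-server access-log lines for calls to the admin-ajax action named in the page's own curl check whose `file` parameter carries a traversal sequence, an absolute path, or a core file name. The log lines are constructed for the example; the action name is taken from the page, and the list of sensitive file names is an assumption.

```python
import re
from typing import Optional
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed sample lines in combined log format (not real traffic).
SAMPLE_LOG = """\
203.0.113.7 - - [02/Dec/2025:10:14:03 +0000] "GET /wp-admin/admin-ajax.php?action=modula_ajax_unzip_file&file=galleries%2Fsummer.zip HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.7 - - [02/Dec/2025:10:14:09 +0000] "GET /wp-admin/admin-ajax.php?action=modula_ajax_unzip_file&file=..%2F..%2F..%2Fwp-config.php HTTP/1.1" 200 0 "-" "Mozilla/5.0"
198.51.100.4 - - [02/Dec/2025:10:15:11 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 44 "-" "Mozilla/5.0"
203.0.113.7 - - [02/Dec/2025:10:16:20 +0000] "GET /wp-admin/admin-ajax.php?action=modula_ajax_unzip_file&file=%2Fvar%2Fwww%2Fhtml%2Fwp-config.php HTTP/1.1" 403 0 "-" "curl/8.4"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

ACTION = "modula_ajax_unzip_file"          # action name from the page's curl check
SENSITIVE_NAMES = ("wp-config.php", ".htaccess")   # assumed watch-list


def classify_file_param(value: str) -> Optional[str]:
    """Return a reason if the `file` value looks like arbitrary file access,
    else None. Decoded twice so double-encoded separators do not slip by;
    backslashes are folded to '/' so Windows-style traversal is caught too."""
    decoded = unquote(unquote(value)).replace("\\", "/")
    if decoded.startswith("/"):
        return "absolute path"
    if ".." in decoded.split("/"):
        return "directory traversal"
    if any(decoded.lower().endswith(name) for name in SENSITIVE_NAMES):
        return "sensitive file name"
    return None


def scan_log(text: str) -> list:
    """Yield one finding per suspicious request to the unzip action."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        url = urlsplit(m.group("target"))
        if not url.path.endswith("/wp-admin/admin-ajax.php"):
            continue
        params = parse_qs(url.query)          # parse_qs already URL-decodes once
        if ACTION not in params.get("action", []):
            continue
        for value in params.get("file", []):
            reason = classify_file_param(value)
            if reason:
                findings.append({
                    "ip": m.group("ip"), "time": m.group("ts"),
                    "status": int(m.group("status")),
                    "file": unquote(value), "reason": reason,
                })
    return findings


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"{f['time']} {f['ip']} status={f['status']} {f['reason']}: {f['file']}")
```

Two caveats a practitioner should keep in mind: admin-ajax.php accepts POST as well as GET, and POST bodies are not in the access log, so the third sample line is invisible to this scanner and a WAF rule must inspect request bodies too; and a 200 on a traversal request (second sample line) is a stronger signal than a 403, so the status code is worth carrying into the alert rather than filtering on.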
Update to version 2.13.3 or a newer patched version.
CVE-2025-13645 is a HIGH severity vulnerability allowing authenticated attackers to delete files on a WordPress server, potentially leading to remote code execution.
You are affected if you are using Modula Image Gallery versions 2.13.1 or 2.13.2. Upgrade to 2.13.3 or later to mitigate the risk.
Upgrade the Modula Image Gallery plugin to version 2.13.3 or later. Consider restricting file upload permissions as a temporary workaround.
There is currently no evidence of active exploitation in the wild, but a proof-of-concept is likely to emerge.
Refer to the Modula Image Gallery website and WordPress plugin repository for the official advisory and update information.