Platform: wordpress
Component: jkdevkit
Fixed in: 1.9.5
CVE-2025-2932 is an arbitrary file access vulnerability discovered in the JKDEVKIT WordPress plugin. This flaw allows authenticated attackers to delete arbitrary files on the server, potentially leading to remote code execution, particularly if critical files like wp-config.php are targeted. The vulnerability affects versions 1.0.0 through 1.9.4 of the plugin, and a patch is expected to be released shortly.
The primary impact of CVE-2025-2932 is the ability for an authenticated attacker to delete files on the server. Specifically, the fontuploadhandler function lacks proper file path validation, allowing attackers to specify arbitrary file paths for deletion. Deleting critical files like wp-config.php could lead to complete compromise of the WordPress installation, enabling remote code execution. If WooCommerce is enabled, the attack requires Contributor-level access or higher. This vulnerability presents a significant risk to WordPress sites utilizing the JKDEVKIT plugin, as it bypasses standard access controls and can be exploited with relative ease.
CVE-2025-2932 was publicly disclosed on 2025-07-03. The vulnerability's ease of exploitation, combined with the plugin's potential popularity, suggests a medium probability of exploitation. No public proof-of-concept (PoC) code has been released at the time of writing, but the vulnerability's nature makes it likely that PoCs will emerge. Monitor security advisories and threat intelligence feeds for updates.
WordPress sites utilizing the JKDEVKIT plugin, particularly those with Subscriber-level users or higher, are at risk. Shared hosting environments where users have limited control over file permissions are also at increased risk, as are sites that haven't implemented robust file upload validation.
• wordpress / composer / npm:
grep -r 'font_upload_handler' /var/www/html/wp-content/plugins/jkdevkit/
• generic web:
curl -I https://your-wordpress-site.com/wp-content/plugins/jkdevkit/font_upload_handler
• wordpress / composer / npm:
wp plugin list --status=inactive | grep jkdevkit
disclosure
Exploit status
EPSS
1.27% (79th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2025-2932 is to upgrade to a patched version of the JKDEVKIT plugin as soon as it becomes available. Until a patch is released, consider implementing a Web Application Firewall (WAF) rule to block requests to the fontuploadhandler endpoint with suspicious file paths. Additionally, restrict file upload permissions to the minimum necessary and regularly review file system permissions. Monitor WordPress logs for unusual file deletion activity. After upgrade, confirm by attempting a file deletion via the plugin's upload functionality and verifying that the operation is denied.
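As an added defender-side illustration (not the JKDEVKIT plugin's own code; the handler names, the 'font_file' request parameter, the nonce action and the 'jkdevkit-fonts' directory are hypothetical), the following contrasts the unvalidated-path pattern the advisory describes with a deletion handler that enforces capability, nonce and path-containment checks:

```php
<?php
// Hypothetical illustration of the flaw class described above: the path is
// taken straight from the request and handed to unlink() without validation.
function jk_font_delete_unsafe() {
    $file = isset( $_POST['font_file'] ) ? $_POST['font_file'] : '';
    unlink( $file ); // deletes any file the web server user may remove
    wp_send_json_success();
}

// Hardened form: authorization, CSRF protection, strict name filtering and a
// canonical-path check that confines deletion to the plugin's font directory.
function jk_font_delete_safe() {
    // 1. Capability check: only users allowed to manage uploads may delete fonts.
    if ( ! current_user_can( 'upload_files' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }
    // 2. Nonce check (action name is hypothetical) so the request must originate
    //    from the plugin's own admin page.
    check_ajax_referer( 'jk_font_delete' );

    // 3. Reduce the input to a bare file name; directory components are dropped.
    $name = basename( wp_unslash( $_POST['font_file'] ?? '' ) );

    // 4. Accept only the font file names the feature is expected to manage.
    if ( ! preg_match( '/^[A-Za-z0-9_-]+\.(ttf|otf|woff2?)$/', $name ) ) {
        wp_send_json_error( 'invalid file name', 400 );
    }

    // 5. Resolve the canonical path and confirm it stays inside the font directory
    //    (realpath() also fails closed when the file does not exist).
    $upload   = wp_upload_dir();
    $font_dir = realpath( trailingslashit( $upload['basedir'] ) . 'jkdevkit-fonts' );
    $target   = realpath( $font_dir . '/' . $name );
    if ( false === $font_dir || false === $target
         || strpos( $target, $font_dir . DIRECTORY_SEPARATOR ) !== 0 ) {
        wp_send_json_error( 'path outside font directory', 400 );
    }

    wp_delete_file( $target );
    wp_send_json_success();
}
add_action( 'wp_ajax_jk_font_delete', 'jk_font_delete_safe' );
```

The containment check in step 5 is what the advisory's "proper file path validation" amounts to in practice: a file such as wp-config.php can never resolve to a path under the font directory, so the request is rejected before any deletion occurs.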
Update the JKDEVKIT plugin to the latest available version to mitigate the arbitrary file deletion vulnerability. Verify that file path validation is adequate to prevent unauthorized access. Consider limiting user permissions to those strictly necessary to reduce the risk of exploitation.
CVE-2025-2932 is a HIGH severity vulnerability in the JKDEVKIT WordPress plugin allowing authenticated users to delete arbitrary files, potentially leading to remote code execution.
You are affected if your WordPress site uses the JKDEVKIT plugin in versions 1.0.0 through 1.9.4. Check your plugin versions immediately.
Upgrade the JKDEVKIT plugin to the latest patched version as soon as it is available. Implement WAF rules as a temporary mitigation.
While no active exploitation has been confirmed, the vulnerability's ease of exploitation suggests it is likely to be targeted soon. Monitor security advisories.
Check the JKDEVKIT plugin's official website or WordPress plugin repository for updates and security advisories related to CVE-2025-2932.