SecuriTricks - CVE-2025-12163

Description

The Omnipress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.6.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.

Product(s) Impacted

Product	Versions
omnipress	*

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-434

Unrestricted Upload of File with Dangerous Type

The product allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment.

References

https://cwe.mitre.org/data/definitions/434.html

https://owasp.org/www-community/vulnerabilities/Unrestricted_File_Upload

https://plugins.trac.wordpress.org/browser/omnipress/tags/1.6.3/includes/Core/RestControllersBase.php#L81

https://plugins.trac.wordpress.org/browser/omnipress/tags/1.6.3/includes/RestApi/Controllers/V1/FileUploadRestController.php#L57

https://plugins.trac.wordpress.org/browser/omnipress/tags/1.6.3/includes/uploader/FileUploader.php#L106

https://plugins.trac.wordpress.org/browser/omnipress/tags/1.6.3/includes/uploader/FileUploader.php#L85

https://www.wordfence.com/threat-intel/vulnerabilities/id/15aabe3b-1b77-4e4e-9710-cf06924dbcbf?source=cve

CVSS Score

6.4 / 10

CVSS Data - 3.1

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
Scope: CHANGED
Confidentiality Impact: LOW
Integrity Impact: LOW
Availability Impact: NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

View Vector String

Timeline

Published: Dec. 5, 2025, 6:16 a.m.
Last Modified: Dec. 8, 2025, 6:27 p.m.

Status : Awaiting Analysis

CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.

More info

Source

[email protected]

CVE-2025-12163