Description
The ContentStudio plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the cstu_update_post() function in all versions up to, and including, 1.3.7. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. CVE-2025-67910 is likely a duplicate of this.
Published: 2025-12-05
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote File Upload leading to Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

The ContentStudio plugin for WordPress lacks file type validation in the cstu_update_post() function in all versions up to and including 1.3.7. This flaw allows authenticated users with Author-level access or higher to upload any file to the site's server. If an attacker can place a file where the web server will execute it, the compromise becomes full remote code execution, giving the attacker control of the host. The weakness is a classic unrestricted upload of a file with a dangerous type, classified as CWE-434.

Affected Systems

WordPress sites that run the ContentStudio plugin at version 1.3.7 or earlier. Any such installation is exposed to arbitrary file uploads whenever a user with the Author role or higher can reach the plugin's post-update functionality.

Risk and Exploitability

With a CVSS score of 8.8, the vulnerability is assessed as high severity. The EPSS score of < 1% indicates a low probability of exploitation at present, and the issue is not listed in the CISA KEV catalog. Exploitation requires an authenticated user with Author-level privileges or higher, which could be obtained through credential compromise or social engineering. If an attacker succeeds in uploading a malicious file, whether that leads to remote code execution depends on the web server's configuration and filesystem permissions. The vulnerability is thought to be a duplicate of CVE-2025-67910.

Generated by OpenCVE AI on April 22, 2026 at 12:17 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the ContentStudio plugin to the latest available version that is newer than 1.3.7, if a post-1.3.7 release exists.
  • If upgrade is not possible, restrict the plugin’s upload capability to Administrators only and configure WordPress to allow only safe file types, blocking executable extensions and disabling execute permissions on the uploads directory.
  • Adjust role capabilities so that only users with the Administrator role can perform file uploads through the plugin, reducing the threat surface.
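A hardened upload handler of the kind the recommendations describe, added here as an illustration; it is not the ContentStudio plugin's code, and the hook name, function names and allowed-type list are assumptions (the WordPress APIs called are real ones):

```php
<?php
// Added illustration, not the ContentStudio plugin's code: the checks whose absence
// turns an upload handler into a CWE-434 sink. Hook and function names are hypothetical.
add_action( 'wp_ajax_example_update_post', 'example_update_post' );

function example_update_post() {
    // Authors hold upload_files; require 'manage_options' to limit uploads to Administrators.
    if ( ! current_user_can( 'upload_files' ) ) {
        wp_send_json_error( 'insufficient privileges', 403 );
    }
    check_ajax_referer( 'example_update_post', 'nonce' ); // CSRF protection
    if ( empty( $_FILES['attachment'] ) ) {
        wp_send_json_error( 'no file supplied', 400 );
    }
    $file = $_FILES['attachment'];

    // Explicit allow-list of extension => MIME type. Anything not listed (php, phtml,
    // html, svg, ...) is rejected regardless of the client-supplied filename.
    $allowed = array(
        'jpg|jpeg' => 'image/jpeg',
        'png'      => 'image/png',
        'gif'      => 'image/gif',
        'pdf'      => 'application/pdf',
    );

    // Validate extension and content together: WordPress inspects the file bytes,
    // so a PHP script renamed to .png is rejected here.
    $check = wp_check_filetype_and_ext( $file['tmp_name'], $file['name'], $allowed );
    if ( empty( $check['ext'] ) || empty( $check['type'] ) ) {
        wp_send_json_error( 'file type not permitted', 415 );
    }

    // Move the file with the same allow-list enforced again, and pick the on-disk
    // name server-side so the client filename is never trusted.
    require_once ABSPATH . 'wp-admin/includes/file.php';
    $result = wp_handle_upload( $file, array(
        'test_form'                => false,
        'mimes'                    => $allowed,
        'unique_filename_callback' => 'example_random_name',
    ) );
    if ( isset( $result['error'] ) ) {
        wp_send_json_error( $result['error'], 400 );
    }
    wp_send_json_success( array( 'url' => $result['url'] ) );
}

// Server-chosen random basename; $ext already carries the validated extension.
function example_random_name( $dir, $name, $ext ) {
    return wp_generate_password( 24, false ) . $ext;
}
```

Pair this with the recommendation above to disable script execution in the uploads directory, so that a validation bypass still cannot become code execution.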


Advisories

No advisories yet.

History

Wed, 08 Apr 2026 17:45:00 +0000

Type: Description
Values Removed: The ContentStudio plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the cstu_update_post() function in all versions up to, and including, 1.3.7. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
Values Added: The ContentStudio plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the cstu_update_post() function in all versions up to, and including, 1.3.7. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. CVE-2025-67910 is likely a duplicate of this.
Type: References

Fri, 05 Dec 2025 15:15:00 +0000

Type: Metrics
Values Added: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 05 Dec 2025 11:00:00 +0000

Type: First Time appeared
Values Added: Contentstudio; Contentstudio contentstudio; Wordpress; Wordpress wordpress
Type: Vendors & Products
Values Added: Contentstudio; Contentstudio contentstudio; Wordpress; Wordpress wordpress

Fri, 05 Dec 2025 05:45:00 +0000

Type: Description
Values Added: The ContentStudio plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the cstu_update_post() function in all versions up to, and including, 1.3.7. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
Type: Title
Values Added: ContentStudio <= 1.3.7 - Authenticated (Author+) Arbitrary File Upload
Type: Weaknesses
Values Added: CWE-434
Type: References
Type: Metrics
Values Added: cvssV3_1 {'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}


MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-04-08T16:55:23.744Z

Reserved: 2025-10-24T19:06:49.890Z

Link: CVE-2025-12181

Vulnrichment

Updated: 2025-12-05T14:26:33.286Z

NVD

Status : Deferred

Published: 2025-12-05T06:16:06.403

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-12181

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-22T12:30:16Z

Weaknesses