Description
Unrestricted Upload of File with Dangerous Type vulnerability in Mathieu Chartier WP-Advanced-Search wp-advanced-search allows Upload a Web Shell to a Web Server. This issue affects WP-Advanced-Search: from n/a through <= 3.3.9.4.
Published: 2025-04-16
Score: 6.6 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Unrestricted upload of a file with a dangerous type (CWE-434) in the WP-Advanced-Search plugin lets an attacker who can reach the plugin's upload function place a server-executable file, such as a PHP web shell, on the hosting server. Requesting that file afterwards runs attacker-supplied code in the web server's context, affecting the confidentiality, integrity and availability of the site; the CVSS vector on this record rates each of those at Low (C:L/I:L/A:L) with a changed scope (S:C). The weakness is about the file type the server will execute, not the MIME type a client declares.

Affected Systems

Versions 3.3.9.4 and earlier of the WordPress WP-Advanced-Search plugin by Mathieu Chartier are affected. The affected range on this record was widened from "through 3.3.9.3" to "<= 3.3.9.4" on 2026-04-01 (see History), and the EUVD entry below still carries the older bound, so treat 3.3.9.4 itself as vulnerable. No fixed version is listed; a site stays exposed until it runs a release newer than 3.3.9.4 or the plugin is deactivated.

Risk and Exploitability

The CVSS 3.1 base score is 6.6 (Medium), vector AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L: the upload function is reachable over the network with low attack complexity and no user interaction, but PR:H means the attacker already needs a high-privilege WordPress account (typically administrator-level), so this is a post-authentication flaw rather than one open to anonymous visitors. The changed scope (S:C) reflects that an uploaded web shell runs in the web server's context, outside the plugin's own authorization boundary. The EPSS score is below 1%, the CVE is not in the CISA KEV catalog, and the SSVC values on the record are Exploitation: none, Automatable: no, Technical Impact: partial. Exploitation means uploading a file that the server will execute when it is later requested; if the web server is configured not to run scripts from the upload location, the same upload is reduced to a file write, which is why that server-side rule matters as an interim control.

Generated by OpenCVE AI on May 2, 2026 at 02:11 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the WP‑Advanced‑Search plugin to a release newer than 3.3.9.4 as soon as one is published; the record currently lists no fixed version, so verify the installed version against the 3.3.9.4 bound rather than assuming a recent install is safe.
  • Until a fixed release is installed, deactivate or remove the WP‑Advanced‑Search plugin; this removes the plugin's own upload endpoint (WordPress's other upload paths are not affected by this issue).
  • As a temporary measure, configure the web server not to execute scripts under wp-content/uploads, and have any upload handler that stays enabled validate files on the server side by an extension allowlist and content inspection, rejecting server-executable types such as .php, .phtml, .phar and .php5. A client-supplied MIME type is attacker-controlled and is not a sufficient check on its own, and .js is not executed by the server, so blocking it does nothing for this issue.
  • Because the vector requires high privileges (PR:H), review which accounts hold administrator-level roles on the site, and check wp-content/uploads for existing PHP files or files containing PHP tags: a shell uploaded before mitigation stays in place after the plugin is deactivated.

Generated by OpenCVE AI on May 2, 2026 at 02:11 UTC.
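The version check from Affected Systems and the uploads-directory hunt from the Recommended Actions, as an added example in POSIX shell. This is editor-written code, not code from OpenCVE, Patchstack or the plugin. It assumes the standard WordPress layout (wp-content/plugins/wp-advanced-search and wp-content/uploads), reads the plugin version from the header comment of whichever top-level .php file carries a "Plugin Name:" line, and builds a constructed sample tree under mktemp so it runs offline; the planted wp-cache.php and avatar.jpg are illustrative file names, not indicators taken from this record.

```shell
#!/bin/sh
# Added example (editor-written; not OpenCVE, Patchstack or plugin code).
# Triage helper for CVE-2025-39538 on a WordPress document root:
#   1. read the installed wp-advanced-search version from its plugin header
#      and test it against the affected bound (<= 3.3.9.4 per this record);
#   2. list files under wp-content/uploads that a PHP handler would execute
#      or that contain a PHP open tag, the places an uploaded shell would sit.
# Assumes the standard wp-content layout; needs POSIX sh, awk, sed, grep and
# a find that supports -iname (GNU or BSD).

AFFECTED_THROUGH="3.3.9.4"   # "through <= 3.3.9.4" on the CVE record

# version_le A B: exit 0 if dotted version A <= B, comparing component by
# component numerically (so 3.3.10 > 3.3.9.4 and 3.3.9 < 3.3.9.4).
version_le() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, "."); nb = split(b, y, ".")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            xi = (i <= na) ? x[i] + 0 : 0
            yi = (i <= nb) ? y[i] + 0 : 0
            if (xi < yi) exit 0
            if (xi > yi) exit 1
        }
        exit 0
    }'
}

# plugin_version ROOT: print the Version: header of the plugin's main file
# (the top-level .php carrying a "Plugin Name:" line); exit 1 if not installed.
plugin_version() {
    dir="$1/wp-content/plugins/wp-advanced-search"
    for f in "$dir"/*.php; do
        [ -f "$f" ] || continue
        if grep -q '^[[:space:]]*\*\{0,1\}[[:space:]]*Plugin Name:' "$f"; then
            sed -n 's/^[[:space:]]*\*\{0,1\}[[:space:]]*Version:[[:space:]]*\([0-9][0-9.]*\).*/\1/p' "$f" | head -n 1
            return 0
        fi
    done
    return 1
}

# is_affected ROOT: exit 0 if the installed version is within the affected
# range, 1 if it is newer, 2 if the plugin is not installed.
is_affected() {
    v=$(plugin_version "$1") || return 2
    version_le "$v" "$AFFECTED_THROUGH"
}

# hunt_uploads ROOT: print, sorted and de-duplicated, every file under
# wp-content/uploads worth a manual look after a suspected shell upload.
hunt_uploads() {
    up="$1/wp-content/uploads"
    [ -d "$up" ] || return 0
    {
        # Extensions a typical PHP handler mapping executes, plus .htaccess,
        # which an attacker drops to re-enable execution or remap extensions.
        find "$up" -type f \( -iname '*.php' -o -iname '*.php[0-9]' -o -iname '*.phtml' \
            -o -iname '*.phar' -o -name '.htaccess' \) -print
        # Any file whose content opens a PHP tag, whatever its extension, to
        # catch a shell parked as .jpg/.txt for later inclusion or remapping.
        find "$up" -type f -exec grep -lE '<\?(php|=)' {} + || true
    } | sort -u
}

# make_sample_site: build a constructed WordPress-like tree (fake data for
# this demo only) with the plugin at 3.3.9.4 and two planted uploads; prints
# the directory.
make_sample_site() {
    site=$(mktemp -d)
    mkdir -p "$site/wp-content/plugins/wp-advanced-search" "$site/wp-content/uploads/2025/04"
    cat > "$site/wp-content/plugins/wp-advanced-search/wp-advanced-search.php" <<'EOF'
<?php
/**
 * Plugin Name: WP-Advanced-Search
 * Version: 3.3.9.4
 */
EOF
    printf 'GIF89a\n' > "$site/wp-content/uploads/2025/04/logo.gif"                      # benign image
    printf '<?php system($_GET["c"]); ?>\n' > "$site/wp-content/uploads/2025/04/wp-cache.php"     # planted shell
    printf 'GIF89a<?php eval($_POST["x"]); ?>\n' > "$site/wp-content/uploads/2025/04/avatar.jpg"  # polyglot
    printf '%s\n' "$site"
}

# Demo on the constructed tree; point ROOT at the real document root instead.
ROOT=$(make_sample_site)
if is_affected "$ROOT"; then
    printf 'wp-advanced-search %s is within the affected range (<= %s)\n' \
        "$(plugin_version "$ROOT")" "$AFFECTED_THROUGH"
fi
printf 'Files under wp-content/uploads to review:\n'
hunt_uploads "$ROOT"
rm -rf "$ROOT"
```

Run it with `sh triage.sh` after replacing the sample with the site's document root. Pair the hunt with a web server rule that refuses to execute PHP under the uploads directory, for example an Apache `<FilesMatch "\.ph(p[0-9]?|tml|ar)$">` block containing `Require all denied` in an .htaccess inside wp-content/uploads (where AllowOverride permits it), or an nginx `location ~* ^/wp-content/uploads/.*\.ph(p[0-9]?|tml|ar)$ { deny all; }`; the hunt then tells you what was dropped, and the rule keeps it from running.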


Advisories
Source: EUVD
ID: EUVD-2025-11333
Title: Unrestricted Upload of File with Dangerous Type vulnerability in Mathieu Chartier WP-Advanced-Search allows Upload a Web Shell to a Web Server. This issue affects WP-Advanced-Search: from n/a through 3.3.9.3.
History

Thu, 23 Apr 2026 15:00:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 6.6, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L'}


Wed, 01 Apr 2026 23:45:00 +0000

Type Values Removed Values Added
Description
  Removed: Unrestricted Upload of File with Dangerous Type vulnerability in Mathieu Chartier WP-Advanced-Search allows Upload a Web Shell to a Web Server. This issue affects WP-Advanced-Search: from n/a through 3.3.9.3.
  Added: Unrestricted Upload of File with Dangerous Type vulnerability in Mathieu Chartier WP-Advanced-Search wp-advanced-search allows Upload a Web Shell to a Web Server.This issue affects WP-Advanced-Search: from n/a through <= 3.3.9.4.
Title
  Removed: WordPress WP-Advanced-Search <= 3.3.9.3 - Arbitrary File Upload Vulnerability
  Added: WordPress WP-Advanced-Search plugin <= 3.3.9.4 - Arbitrary File Upload Vulnerability
References
Metrics cvssV3_1

{'score': 6.6, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L'}


Wed, 16 Apr 2025 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 16 Apr 2025 13:15:00 +0000

Type Values Removed Values Added
Description Unrestricted Upload of File with Dangerous Type vulnerability in Mathieu Chartier WP-Advanced-Search allows Upload a Web Shell to a Web Server. This issue affects WP-Advanced-Search: from n/a through 3.3.9.3.
Title WordPress WP-Advanced-Search <= 3.3.9.3 - Arbitrary File Upload Vulnerability
Weaknesses CWE-434
References
Metrics cvssV3_1

{'score': 6.6, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L'}



MITRE

Status: PUBLISHED

Assigner: Patchstack

Published:

Updated: 2026-04-28T16:12:34.306Z

Reserved: 2025-04-16T06:24:47.077Z

Link: CVE-2025-39538

Vulnrichment

Updated: 2025-04-16T13:28:54.156Z

NVD

Status : Deferred

Published: 2025-04-16T13:15:46.790

Modified: 2026-04-23T15:29:45.013

Link: CVE-2025-39538

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-02T02:15:31Z

Weaknesses