Description
Unrestricted Upload of File with Dangerous Type vulnerability in Themefic BEAF beaf-before-and-after-gallery allows Upload a Web Shell to a Web Server.This issue affects BEAF: from n/a through <= 4.6.10.
Published: 2025-05-07
Score: 9.1 Critical
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability in Themefic BEAF allows an attacker to upload any file type without restriction. The ability to upload a web shell grants the attacker full remote code execution on the affected web server, exposing confidential data, enabling server compromise, or facilitating further attacks. The weakness aligns with CWE‑434, identifying an unrestricted input leading to code execution.

Affected Systems

The issue applies to the Themefic BEAF "beaf‑before‑and‑after‑gallery" WordPress plugin versions up to and including 4.6.10. Systems running WordPress with this plugin version are susceptible; the plugin is identified by a CPE marking it for WordPress.

Risk and Exploitability

With a CVSS score of 9.1 the vulnerability is considered critical. The EPSS score of less than 1 % indicates a low probability of exploitation in the general threat landscape, and it is not currently listed in the CISA KEV catalog. An attacker could exploit the flaw by accessing the plugin’s upload interface, submitting a chosen file—such as a malicious PHP web shell—thereby executing code on the server. No specialized prerequisites are noted beyond the ability to access the plugin’s upload function.

Generated by OpenCVE AI on April 30, 2026 at 20:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the BEAF plugin to a version newer than 4.6.10.
  • If an update is not immediately possible, remove or deactivate the BEAF plugin.
  • Configure the WordPress install or the server to refuse all file uploads that are not required, or use an .htaccess rule to block execution of uploaded scripts.
  • Regularly monitor web server logs for abnormal upload activity or unexpected PHP files in the uploads directory.

Generated by OpenCVE AI on April 30, 2026 at 20:23 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2025-13787 Unrestricted Upload of File with Dangerous Type vulnerability in Themefic BEAF allows Upload a Web Shell to a Web Server. This issue affects BEAF: from n/a through 4.6.10.
History

Thu, 23 Apr 2026 15:00:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 7.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H'}

 cvssV3_1

{'score': 9.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H'}

Wed, 01 Apr 2026 23:45:00 +0000

Type Values Removed Values Added
Description Unrestricted Upload of File with Dangerous Type vulnerability in Themefic BEAF allows Upload a Web Shell to a Web Server. This issue affects BEAF: from n/a through 4.6.10. Unrestricted Upload of File with Dangerous Type vulnerability in Themefic BEAF beaf-before-and-after-gallery allows Upload a Web Shell to a Web Server.This issue affects BEAF: from n/a through <= 4.6.10.
Title WordPress BEAF <= 4.6.10 - Arbitrary File Upload Vulnerability WordPress BEAF plugin <= 4.6.10 - Arbitrary File Upload Vulnerability
References
Metrics cvssV3_1

{'score': 9.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H'}

 cvssV3_1

{'score': 7.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H'}

Mon, 14 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00081}

 epss

{'score': 0.00085}

Mon, 12 May 2025 20:30:00 +0000

Type Values Removed Values Added
First Time appeared Themefic
Themefic ultimate Before After Image Slider \& Gallery
CPEs cpe:2.3:a:themefic:ultimate_before_after_image_slider_\&_gallery:*:*:*:*:*:wordpress:*:*
Vendors & Products Themefic
Themefic ultimate Before After Image Slider \& Gallery

Fri, 09 May 2025 08:15:00 +0000

Type Values Removed Values Added
Description Unrestricted Upload of File with Dangerous Type vulnerability in Themefic BEAF allows Upload a Web Shell to a Web Server. This issue affects BEAF: from n/a through 4.6.10. Unrestricted Upload of File with Dangerous Type vulnerability in Themefic BEAF allows Upload a Web Shell to a Web Server. This issue affects BEAF: from n/a through 4.6.10.
References

Wed, 07 May 2025 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 07 May 2025 14:45:00 +0000

Type Values Removed Values Added
Description Unrestricted Upload of File with Dangerous Type vulnerability in Themefic BEAF allows Upload a Web Shell to a Web Server. This issue affects BEAF: from n/a through 4.6.10.
Title WordPress BEAF <= 4.6.10 - Arbitrary File Upload Vulnerability
Weaknesses CWE-434
References
Metrics cvssV3_1

{'score': 9.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H'}

Subscriptions

Themefic Ultimate Before After Image Slider \& Gallery
cve-icon MITRE

Status: PUBLISHED

Assigner: Patchstack

Published:

Updated: 2026-04-28T16:12:44.560Z

Reserved: 2025-05-07T09:40:00.789Z

Link: CVE-2025-47549

cve-icon Vulnrichment

Updated: 2025-05-07T17:19:24.733Z

cve-icon NVD

Status : Modified

Published: 2025-05-07T15:16:11.780

Modified: 2026-04-23T15:30:28.047

Link: CVE-2025-47549

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-30T20:30:26Z

Weaknesses