The Droip plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the make_google_font_offline() function in all versions up to, and including, 2.2.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Mon, 28 Jul 2025 15:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:themeum:droip:*:*:*:*:*:wordpress:*:*

Fri, 25 Jul 2025 16:00:00 +0000

Type Values Removed Values Added
First Time appeared Themeum
Themeum droip
Wordpress
Wordpress wordpress
Vendors & Products Themeum
Themeum droip
Wordpress
Wordpress wordpress

Fri, 25 Jul 2025 12:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Fri, 25 Jul 2025 07:00:00 +0000

Type Values Removed Values Added
Description The Droip plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the make_google_font_offline() function in all versions up to, and including, 2.2.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
Title Droip <= 2.2.0 - Authenticated (Subscriber+) Arbitrary File Upload
Weaknesses CWE-434
References
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2025-07-25T11:42:47.737Z

Reserved: 2025-06-06T19:39:29.622Z

Link: CVE-2025-5831

cve-icon Vulnrichment

Updated: 2025-07-25T11:42:44.120Z

cve-icon NVD

Status : Analyzed

Published: 2025-07-25T07:15:26.143

Modified: 2025-07-28T15:10:42.240

Link: CVE-2025-5831

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-07-25T15:53:53Z