Refine your search
1 vulnerability found for by paoltaia
CVE-2025-12833 (GCVE-0-2025-12833)
Vulnerability from cvelistv5
Published
2025-11-12 04:29
Modified
2025-11-12 18:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Summary
The GeoDirectory – WP Business Directory Plugin and Classified Listings Directory plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.8.139 via the 'post_attachment_upload' function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with author-level access and above, to attach arbitrary image files to arbitrary places.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| paoltaia | GeoDirectory – WP Business Directory Plugin and Classified Listings Directory |
Version: * ≤ 2.8.139 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12833",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-12T18:16:06.343248Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-12T18:16:20.350Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "GeoDirectory \u2013 WP Business Directory Plugin and Classified Listings Directory",
"vendor": "paoltaia",
"versions": [
{
"lessThanOrEqual": "2.8.139",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "German"
}
],
"descriptions": [
{
"lang": "en",
"value": "The GeoDirectory \u2013 WP Business Directory Plugin and Classified Listings Directory plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.8.139 via the \u0027post_attachment_upload\u0027 function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with author-level access and above, to attach arbitrary image files to arbitrary places."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-12T04:29:09.221Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/408f0c2a-ef3c-4592-8722-d56afce92e24?source=cve"
},
{
"url": "https://wordpress.org/plugins/geodirectory/"
},
{
"url": "https://github.com/AyeCode/geodirectory/commit/db655b04be32a160c0abf73217faf0a50585aa92"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3393024%40geodirectory\u0026new=3393024%40geodirectory\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2025-11-06T20:01:51.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-11-11T00:00:00.000+00:00",
"value": "Disclosed"
}
],
"title": "GeoDirectory \u2013 WP Business Directory Plugin and Classified Listings Directory \u003c= 2.8.139 - Missing Authorization to Authenticated (Author+) Arbitrary Image Attachment"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-12833",
"datePublished": "2025-11-12T04:29:09.221Z",
"dateReserved": "2025-11-06T19:46:39.817Z",
"dateUpdated": "2025-11-12T18:16:20.350Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}