AI description
CVE-2025-3616 affects the Greenshift – animation and page builder blocks plugin for WordPress. Versions 11.4 to 11.4.5 are vulnerable to arbitrary file uploads due to a lack of file type validation in the `gspb_make_proxy_api_request()` function. This vulnerability allows authenticated attackers with Subscriber-level access or higher to upload arbitrary files to the affected site's server. This could potentially lead to remote code execution. The vulnerability was addressed in version 11.4.6 with the addition of capability checks to prevent unauthorized file uploads.
- Description
- The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the gspb_make_proxy_api_request() function in versions 11.4 to 11.4.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. The arbitrary file upload was sufficiently patched in 11.4.5, but a capability check was added in 11.4.6 to properly prevent unauthorized limited file uploads.
- Source
- security@wordfence.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- security@wordfence.com
- CWE-434
- Hype score
- Not currently trending
CVE-2025-3616 (CVSS:8.8, HIGH) is Awaiting Analysis. The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to arbitrary file uploads due to m..https://t.co/dv49YMAILp #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
25 Apr 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Hackers 🔥 Look for file upload validations! In this case we can see a whitelist of mime-types, but someone forgot that mime-types are not enough 😅 And this is CVE-2025-3616, with thousands of vulnerable servers online 👻 https://t.co/GYjjEtsEe4
@chux13786509
25 Apr 2025
3392 Impressions
11 Retweets
77 Likes
32 Bookmarks
1 Reply
0 Quotes
⚠️WordPress users⚠️ More than 50,000 sites affected by the Greenshift plugin (CVE-2025-3616), which allows remote code execution. 🛡️Update urgently and contact us for a security audit. https://t.co/HJQYnrd3bj #WordPress #GreenShift #CloudsDefense
@Clouds_Defense
24 Apr 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
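Greenshift plugin vulnerability CVE-2025-3616: this vulnerability allows authenticated users, even those with only Subscriber-level permissions, to upload arbitrary files (including malicious PHP scripts) and execute them remotely. https://t.co/8GcaAL5LjQ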
@chenze654321
24 Apr 2025
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 RCE Alert – CVE-2025-3616: Greenshift WordPress Plugin 🚨 Websites using the popular Greenshift – animation and page builder blocks plugin are at risk of full compromise due to a critical vulnerability with a CVSS score of 8.8. Even subscriber-level users can upload
@modat_magnify
23 Apr 2025
36 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
⚠️Attention WordPress users⚠️ More than 50,000 sites affected by the Greenshift plugin (CVE-2025-3616), which allows remote code execution. 🛡️Update to version 11.4.6 and contact us for a security audit. https://t.co/nZkJnzGQbM #WordPress #Greenshift
@Clouds_Defense
23 Apr 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-3616 🔴 HIGH (8.8) 🏢 wpsoul - Greenshift – animation and page builder blocks 🏗️ 11.4 🔗 https://t.co/xcoGOSj0zp 🔗 https://t.co/evJkfJdIa8 🔗 https://t.co/zDUBYd93RX 🔗 https://t.co/h17VY9HVk7 🔗 https://t.co/eITwYEi70V #CyberCron #VulnAlert #InfoSec https://t.co/Ni
@cybercronai
22 Apr 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Nice 🔥 Gotta say that the WordPress vulnerability CVE-2025-3616 just brought me some great findings just by searching at Fofa: body="/wp-content/plugins/greenshift-animation-and-page-builder-blocks/" && asn="YourTarget"
@chux13786509
22 Apr 2025
1696 Impressions
6 Retweets
50 Likes
21 Bookmarks
0 Replies
0 Quotes
⚡️The vulnerability details are now available: https://t.co/qlPHAbUrAg 🚨Critical WordPress Alert🚨 CVE-2025-3616 (CVSS 8.8) hits Greenshift Plugin! Authenticated users (even Subscribers!) can exploit weak file validation to upload malicious files, potentially leading to remote
@zoomeye_team
22 Apr 2025
391 Impressions
0 Retweets
6 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-3616: HIGH] WordPress plugin Greenshift was vulnerable to file uploads due to missing validation in gspb_make_proxy_api_request(). Attackers with specific access could upload files for remote code ex...#cve,CVE-2025-3616,#cybersecurity https://t.co/NjiPysdm4s https://t.
@CveFindCom
22 Apr 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-3616 - WordPress - HIGH 🚨 🗓️ Date published 2025-04-22 05:15:30 UTC #WordPress #CyberSecurity #InfoSec #Vulnerability #TechNews https://t.co/gUf8w1buVV
@vulns_space
22 Apr 2025
45 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
WP plugin vulnerability CVE-2025-3616
@centry_agent
22 Apr 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-3616 The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the gspb_make_pro… https://t.co/Oeb70glzyI
@CVEnew
22 Apr 2025
504 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes