CVE-2025-32202

Published Apr 10, 2025

Last updated 2 months ago

CVSS critical 9.1

Overview

Description
Unrestricted Upload of File with Dangerous Type vulnerability in Brian Batt - elearningfreak.com Insert or Embed Articulate Content into WordPress allows Upload a Web Shell to a Web Server. This issue affects Insert or Embed Articulate Content into WordPress: from n/a through 4.3000000025.
Source
audit@patchstack.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
9.1
Impact score
6
Exploitability score
2.3
Vector string
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Severity
CRITICAL

Weaknesses

audit@patchstack.com
CWE-434

Social media

Hype score
Not currently trending

  1. ๐Ÿšจ Critical #WordPress plugin flaw (CVE-2025-32202) allows attackers to upload malicious files & hijack websites. Affects 'Insert or Embed Articulate Content' plugin โ‰ค v4.3000000025. Patch now. ๐Ÿ›ก๏ธ Details: https://t.co/asM8Uexxag #CyberSecurity #InfoSec

    @threatsbank

    11 Apr 2025

    35 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. ๐Ÿšจ CVE-2025-32202 โš ๏ธ๐Ÿ”ด CRITICAL (9.1) ๐Ÿข Brian Batt - https://t.co/oEmAitgXiC - Insert or Embed Articulate Content into WordPress ๐Ÿ—๏ธ Unknown Version ๐Ÿ”— https://t.co/4XiFeIFxnr #CyberCron #VulnAlert #InfoSec https://t.co/9TjJbYuLoe

    @cybercronai

    10 Apr 2025

    9 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.