CVE-2025-0365

6.5 MEDIUM

📋 TL;DR

The Jupiter X Core WordPress plugin contains a directory traversal vulnerability in its inline SVG feature. Authenticated attackers with Contributor-level access or higher can read arbitrary files on the server, potentially exposing sensitive information like configuration files, credentials, or database contents. This affects all WordPress sites using Jupiter X Core plugin versions up to 4.8.7.

💻 Affected Systems

Products:
  • Jupiter X Core WordPress Plugin
Versions: All versions up to and including 4.8.7
Operating Systems: All operating systems running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Requires authenticated user with at least Contributor role. WordPress multisite installations are also affected.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers obtain database credentials, SSH keys, or other sensitive files, leading to complete site compromise, data theft, or server takeover.

🟠 Likely Case

Attackers read wp-config.php to obtain database credentials, potentially leading to database access and site defacement or data exfiltration.

🟢 If Mitigated

With proper file permissions and security controls, attackers can only read publicly accessible files, with minimal impact.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires Contributor-level WordPress account. The vulnerability is in the inline SVG widget file handling.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 4.8.8

Vendor Advisory: https://plugins.trac.wordpress.org/changeset/3231122/jupiterx-core/trunk/includes/extensions/raven/includes/modules/inline-svg/widgets/inline-svg.php

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find Jupiter X Core.
4. Click 'Update Now' if available.
5. Alternatively, download version 4.8.8 or later from WordPress.org and update manually.

🔧 Temporary Workarounds

Remove Contributor Role Access (applies to: all)

Temporarily restrict Contributor role access or elevate authentication requirements.

Disable Inline SVG Feature (applies to: all)

Disable the vulnerable inline SVG widget functionality.

🧯 If You Can't Patch

  • Implement strict file permissions (chmod 600 for sensitive files)
  • Add web application firewall rules to block directory traversal patterns

🔍 How to Verify

Check if Vulnerable:

Check the plugin version under WordPress admin panel > Plugins > Jupiter X Core. If the version is 4.8.7 or lower, the site is vulnerable.

Check Version:

wp plugin list --name=jupiterx-core --field=version

Verify Fix Applied:

Verify that the Jupiter X Core plugin version is 4.8.8 or higher in the WordPress admin panel.
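The three checks above reduce to one comparison: is the installed version older than the 4.8.8 patch release? The script below is an added example, not code from the original advisory or from the Jupiter X project. It reads the version with the same wp-cli command given under "Check Version" (the `wp_path` argument, passed as wp-cli's `--path` option, is an assumption for pointing at the WordPress root) and compares version components as integers, so a release such as 4.8.10 is not mistaken for an older one by string comparison.

```python
"""Added example, not code from the original advisory or from the Jupiter X
project: decide whether an installed Jupiter X Core version is in the
affected range for CVE-2025-0365 (everything below the 4.8.8 patch release).

Versions are compared component by component as integers, so 4.8.10 is
correctly treated as newer than 4.8.8; a plain string comparison would call
it older and report a patched site as vulnerable.
"""
import re
import subprocess
from typing import Tuple

FIXED_VERSION = "4.8.8"  # patch version named in the advisory


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '4.8.7' (a suffix such as '-beta1' is ignored) into (4, 8, 7)."""
    match = re.match(r"\s*v?(\d+(?:\.\d+)*)", text)
    if not match:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(part) for part in match.group(1).split("."))


def is_vulnerable(installed: str, fixed: str = FIXED_VERSION) -> bool:
    """True when the installed version is older than the fixed release."""
    return parse_version(installed) < parse_version(fixed)


def installed_version(wp_path: str = ".") -> str:
    """Read the plugin version with the wp-cli command from the advisory.

    Assumes wp-cli is on PATH; wp_path is a hypothetical parameter passed as
    wp-cli's --path option to point at the WordPress root.
    """
    result = subprocess.run(
        ["wp", "plugin", "list", "--name=jupiterx-core", "--field=version",
         f"--path={wp_path}"],
        capture_output=True, text=True, check=True,
    )
    version = result.stdout.strip()
    if not version:
        raise RuntimeError("jupiterx-core is not installed or not listed")
    return version


if __name__ == "__main__":
    import sys
    try:
        current = installed_version(sys.argv[1] if len(sys.argv) > 1 else ".")
    except (OSError, subprocess.CalledProcessError, RuntimeError) as exc:
        sys.exit(f"could not read plugin version: {exc}")
    state = "VULNERABLE" if is_vulnerable(current) else "patched"
    print(f"Jupiter X Core {current}: {state} (fixed in {FIXED_VERSION})")
```

Run it from the WordPress root (or pass the root as the first argument) on each site in a multisite or multi-tenant fleet; the exit message names the installed version and the fixed version so the output can be collected as evidence that the fix was applied.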

📡 Detection & Monitoring

Log Indicators:

  • Unusual file read attempts in web server logs
  • Multiple requests with '../' patterns from Contributor accounts

Network Indicators:

  • HTTP requests containing '../' patterns to inline SVG endpoints

SIEM Query:

source="web_server_logs" AND (uri="*../*" OR uri="*inline-svg*") AND user_agent="*WordPress*"
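The SIEM query above matches the literal '../' string. The script below, an added example that is not part of the original advisory or of the plugin's code, applies the same indicators to web-server access log lines but percent-decodes the request target first (twice, to unwrap double encoding), flags hits that mention the inline SVG handling, and counts repeated traversal requests per client address. It deliberately does not filter on user agent, since in an access log that field is whatever the requesting client chose to send. The log lines are constructed sample data, and the '/example-inline-svg-endpoint' path is a hypothetical placeholder rather than the plugin's real route.

```python
"""Added example, not part of the original advisory or the plugin's code:
scan web-server access log lines for the indicators listed above, i.e.
requests whose target contains a '../' traversal sequence, and flag those
aimed at the inline SVG handling.

It goes one step beyond the literal '*../*' match in the SIEM query: the
request target is percent-decoded (twice, to unwrap double encoding) before
matching, so '%2e%2e%2f' and '%252e%252e%252f' are caught as well as '../'.
The log lines below are constructed sample data in combined-log format; the
'/example-inline-svg-endpoint' path is a hypothetical placeholder, not the
plugin's real route.
"""
import re
from collections import Counter
from typing import Dict, List, Optional
from urllib.parse import unquote

# Constructed sample access log (not real traffic). Lines 1, 2 and 4 carry
# traversal sequences in plain, single- and double-encoded form; line 3 is a
# normal asset request; line 5 is a traversal against an unrelated path.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Feb/2025:10:01:02 +0000] "GET /example-inline-svg-endpoint?svg=../../../wp-config.php HTTP/1.1" 200 3122 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Feb/2025:10:01:09 +0000] "GET /example-inline-svg-endpoint?svg=..%2F..%2F..%2Fwp-config.php HTTP/1.1" 200 3122 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Feb/2025:10:02:30 +0000] "GET /wp-content/uploads/2025/02/logo.svg HTTP/1.1" 200 4410 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Feb/2025:10:03:15 +0000] "GET /example-inline-svg-endpoint?svg=%252e%252e%252f%252e%252e%252fwp-config.php HTTP/1.1" 200 3122 "-" "Mozilla/5.0"
192.0.2.9 - - [10/Feb/2025:10:04:41 +0000] "GET /wp-content/themes/demo/../style.css HTTP/1.1" 404 512 "-" "Mozilla/5.0"
"""

# Combined log format: client, ident, user, [time], "request", status, ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)
# '../' or '..\' after decoding; this is the pattern the advisory names.
TRAVERSAL_RE = re.compile(r"\.\.[\\/]")


def decode_target(target: str, rounds: int = 2) -> str:
    """Percent-decode up to `rounds` times, stopping when nothing changes."""
    for _ in range(rounds):
        decoded = unquote(target)
        if decoded == target:
            break
        target = decoded
    return target


def classify(line: str) -> Optional[Dict[str, object]]:
    """Return a finding for a log line with a traversal sequence, else None."""
    match = LOG_RE.match(line)
    if not match:
        return None
    decoded = decode_target(match["target"])
    if not TRAVERSAL_RE.search(decoded):
        return None
    lowered = decoded.lower()
    return {
        "ip": match["ip"],
        "status": int(match["status"]),
        "target": match["target"],
        "decoded": decoded,
        # The advisory's endpoint keyword; a hit here with a 200 response is
        # the strongest signal that file contents were actually returned.
        "inline_svg": "inline-svg" in lowered or "inline_svg" in lowered,
    }


def scan(log_text: str) -> List[Dict[str, object]]:
    """Run classify() over every line and keep the findings."""
    findings = [classify(line) for line in log_text.splitlines()]
    return [f for f in findings if f is not None]


def repeat_offenders(findings: List[Dict[str, object]],
                     threshold: int = 2) -> Dict[str, int]:
    """Client addresses with at least `threshold` traversal requests: the
    'multiple requests with ../ patterns' indicator from the advisory."""
    counts = Counter(str(f["ip"]) for f in findings)
    return {ip: n for ip, n in counts.items() if n >= threshold}


if __name__ == "__main__":
    hits = scan(SAMPLE_LOG)
    for hit in hits:
        tag = "inline-svg" if hit["inline_svg"] else "other path"
        print(f'{hit["ip"]} {hit["status"]} [{tag}] {hit["decoded"]}')
    print("repeat offenders:", repeat_offenders(hits))
```

Feed it real access logs by replacing SAMPLE_LOG with the file contents; the `inline_svg` flag combined with a 200 status is the finding to escalate, and correlating the client address with the WordPress login audit trail identifies the Contributor account involved.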
