CVE-2025-4336

8.1 HIGH

📋 TL;DR

The eMagicOne Store Manager for WooCommerce WordPress plugin allows unauthenticated attackers to upload arbitrary files due to missing file type validation. This can lead to remote code execution on affected WordPress sites. Sites using the plugin with default credentials or compromised credentials are vulnerable.

💻 Affected Systems

Products:
  • eMagicOne Store Manager for WooCommerce WordPress plugin
Versions: All versions up to and including 1.2.5
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Exploitable by unauthenticated attackers only when default password '1:1' is unchanged or credentials are compromised.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Full server compromise via remote code execution, allowing attackers to install malware, steal data, or pivot to other systems.

🟠 Likely Case: Website defacement, backdoor installation, or data exfiltration through uploaded malicious files.

🟢 If Mitigated: Limited impact if proper file upload restrictions and authentication controls are in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public exploit code is available on GitHub; exploitation requires specific conditions but is straightforward when they are met.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.2.6 or later

Vendor Advisory: https://plugins.trac.wordpress.org/browser/store-manager-connector/

Restart Required: No

Instructions:

1. Log into WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find 'Store Manager for WooCommerce' and update to version 1.2.6 or higher.
4. Verify update completes successfully.

🔧 Temporary Workarounds

Disable Plugin

all

Temporarily disable the vulnerable plugin until patched.

wp plugin deactivate store-manager-connector

Change Default Password

all

Change the default plugin password from '1:1' to a strong, unique password.

🧯 If You Can't Patch

  • Implement web application firewall (WAF) rules to block file uploads to vulnerable endpoints.
  • Restrict file upload permissions and monitor upload directories for suspicious files.

🔍 How to Verify

Check if Vulnerable:

Check WordPress plugin version via admin panel or filesystem: wp plugin list | grep store-manager-connector

Check Version:

wp plugin get store-manager-connector --field=version

Verify Fix Applied:

Confirm plugin version is 1.2.6 or higher and test file upload functionality.

📡 Detection & Monitoring

Log Indicators:

  • Unusual file uploads to plugin endpoints
  • POST requests to /wp-content/plugins/store-manager-connector/

Network Indicators:

  • HTTP requests with file uploads to vulnerable plugin paths

SIEM Query:

source="web_logs" AND uri_path="/wp-content/plugins/store-manager-connector/" AND method="POST" AND file_upload="true"
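
The log indicator above can also be checked directly against a web server access log. The following is an added example, not part of the original advisory or the plugin's code; it assumes Apache/nginx combined log format, and the sample log lines are constructed (documentation IP ranges).

```shell
#!/usr/bin/env bash
# Added example: list POST requests under the plugin path named in the
# indicators above. Assumes combined log format (assumption, not from the page).

PLUGIN_PATH="/wp-content/plugins/store-manager-connector/"

# Print "ip timestamp status bytes path" for every POST whose request path
# starts with PLUGIN_PATH. Reads the given log files, or stdin if none.
plugin_posts() {
  awk -v prefix="$PLUGIN_PATH" '
    {
      # Fields: ip - user [ts tz] "METHOD path proto" status bytes ...
      method = $6; sub(/^"/, "", method)
      path = $7
      if (method == "POST" && index(path, prefix) == 1) {
        ts = $4; sub(/^\[/, "", ts)
        print $1, ts, $9, $10, path
      }
    }' "$@"
}

# Count matching POSTs per client IP, busiest first, to prioritise review.
plugin_posts_by_ip() {
  plugin_posts "$@" |
    awk '{ n[$1]++ } END { for (ip in n) print n[ip], ip }' |
    sort -rn
}

# Constructed sample log lines for trying the functions offline.
sample_log() {
  cat <<'EOF'
198.51.100.7 - - [12/May/2025:10:01:02 +0000] "POST /wp-content/plugins/store-manager-connector/ HTTP/1.1" 200 512 "-" "curl/8.0"
198.51.100.7 - - [12/May/2025:10:01:09 +0000] "POST /wp-content/plugins/store-manager-connector/ HTTP/1.1" 200 87 "-" "curl/8.0"
203.0.113.20 - - [12/May/2025:10:02:00 +0000] "GET /wp-content/plugins/store-manager-connector/readme.txt HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
203.0.113.20 - - [12/May/2025:10:03:00 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
192.0.2.44 - - [12/May/2025:10:04:00 +0000] "POST /wp-content/plugins/store-manager-connector/ HTTP/1.1" 403 153 "-" "python-requests/2.31"
EOF
}

# Usage: plugin_posts_by_ip access.log    (or: sample_log | plugin_posts)
```

Any hit is worth correlating with new or recently modified files in the site's upload and plugin directories, since a 200 response alone does not show whether a file was written.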
