CVE-2025-12957: CWE-434 Unrestricted Upload of File with Dangerous Type in plugins360 All-in-One Video Gallery
The All-in-One Video Gallery plugin for WordPress is vulnerable to arbitrary file upload in all versions up to, and including, 4.5.7. This is due to insufficient file type validation when detecting VTT files, which allows a file with a double extension to bypass sanitization while still being accepted as a valid VTT file. This makes it possible for authenticated attackers, with author-level access and above, to upload arbitrary files to the affected site's server, which may make remote code execution possible.
AI Analysis
Machine-generated threat intelligence
Technical Summary
CVE-2025-12957 is a vulnerability in the All-in-One Video Gallery plugin for WordPress (versions up to 4.5.7) caused by improper file type validation of VTT files. The plugin fails to correctly detect double extension files, allowing authenticated users with author-level privileges or higher to upload arbitrary files to the server. This unrestricted file upload can lead to remote code execution. The vulnerability is classified under CWE-434 (Unrestricted Upload of File with Dangerous Type). The CVSS v3.1 base score is 8.8, indicating high impact on confidentiality, integrity, and availability. A patch is available to remediate this vulnerability.
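To make the bug class concrete, here is an added example (not the plugin's code) that contrasts an illustrative weak VTT check with a hardened validator. The weak check is an assumption about how a double-extension bypass arises (matching ".vtt" anywhere in the name); the hardened check accepts only a single ".vtt" extension and requires the WebVTT file signature, so the name alone can never decide the file type.

```python
import re

# WebVTT files begin with the signature "WEBVTT" (optionally after a UTF-8 BOM),
# followed by a space, tab, line break or end of file.
_VTT_SIGNATURE = re.compile(rb"^(?:\xef\xbb\xbf)?WEBVTT(?:[ \t\r\n]|$)")
# Hardened name rule: one plain stem plus exactly one extension, which must be .vtt.
_SAFE_VTT_NAME = re.compile(r"^[A-Za-z0-9_-]{1,100}\.vtt$", re.IGNORECASE)


def weak_is_vtt(filename: str) -> bool:
    """Illustrative weak check (an assumed bug pattern, not the plugin's code):
    it only looks for a '.vtt' substring, so 'captions.vtt.php' passes as VTT."""
    return ".vtt" in filename.lower()


def validate_vtt_upload(filename: str, content: bytes) -> tuple[bool, str]:
    """Hardened check: reject double extensions and require the WebVTT signature.
    Returns (accepted, reason_or_sanitized_name)."""
    base = filename.replace("\\", "/").rsplit("/", 1)[-1]  # drop any path component
    if base.count(".") != 1:
        return False, "double or missing extension"
    if not _SAFE_VTT_NAME.fullmatch(base):
        return False, "name is not a plain .vtt file"
    if not _VTT_SIGNATURE.match(content):
        return False, "missing WEBVTT signature"
    return True, base.lower()


# Constructed sample uploads (filename, leading bytes of content); not real captures.
SAMPLES = [
    ("captions.vtt", b"WEBVTT\n\n00:00.000 --> 00:02.000\nHello\n"),
    ("captions.vtt.php", b"WEBVTT\n"),        # double extension, VTT-looking body
    ("captions.php.vtt", b"WEBVTT\n"),        # double extension, .vtt last
    ("notes.vtt", b"not a caption file"),     # right name, wrong content
    ("captions.VTT", b"WEBVTT\n"),            # upper-case extension, still fine
]


def triage(samples=SAMPLES) -> dict:
    """Run both checks over the samples; returns {filename: (weak_ok, hardened_ok)}."""
    return {name: (weak_is_vtt(name), validate_vtt_upload(name, body)[0])
            for name, body in samples}


if __name__ == "__main__":
    for name, (weak, hard) in triage().items():
        print(f"{name:20} weak={weak!s:5} hardened={hard}")
```

Running it shows both double-extension samples accepted by the weak check and rejected by the hardened one, while a correctly named file with non-VTT content is rejected on its signature.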
Potential Impact
An authenticated attacker with author-level or higher access can exploit this vulnerability to upload arbitrary files, including potentially malicious code, to the server hosting the vulnerable plugin. This can lead to remote code execution, compromising the confidentiality, integrity, and availability of the affected system. The high CVSS score reflects the significant risk posed by this vulnerability.
Mitigation Recommendations
A patch is available for this vulnerability. It is recommended to update the All-in-One Video Gallery plugin to the latest version that addresses this issue. Until the patch is applied, restrict author-level user permissions where possible to reduce risk. Monitor vendor advisories for official updates and apply them promptly.
Technical Details
- Data Version: 5.2
- Assigner Short Name: Wordfence
- Date Reserved: 2025-11-10T15:26:13.171Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 6969c56d7c726673b6f0ba61
Added to database: 1/16/2026, 4:58:21 AM
Last enriched: 4/9/2026, 9:26:44 AM
Last updated: 5/10/2026, 2:28:33 PM