CVE-2025-12957 is a vulnerability classified under CWE-434 (Unrestricted Upload of File with Dangerous Type) found in the All-in-One Video Gallery plugin for WordPress, developed by plugins360. The vulnerability exists in all versions up to and including 4.5.7 due to insufficient validation of uploaded file types, specifically VTT (Web Video Text Tracks) files. The plugin's sanitization process fails to detect files with double extensions, allowing attackers to upload malicious files disguised as legitimate VTT files. An attacker with author-level or higher privileges can exploit this flaw to upload arbitrary files to the server hosting the WordPress site. This can lead to remote code execution (RCE), enabling the attacker to execute malicious code, compromise the server, and potentially pivot within the network. The vulnerability does not require user interaction and can be exploited remotely over the network. The CVSS v3.1 base score is 8.8, indicating high severity with network attack vector, low attack complexity, and privileges required at the author level. Although no known exploits are currently in the wild, the vulnerability's nature and impact make it a critical risk for affected sites. The lack of patch links suggests that a fix may not yet be publicly available, increasing urgency for mitigation.

For European organizations, this vulnerability poses a significant risk, especially for those relying on WordPress sites with the All-in-One Video Gallery plugin installed. Successful exploitation can lead to full server compromise, data breaches, defacement, or use of the server as a pivot point for further attacks. Confidentiality is at risk due to potential data exfiltration, integrity can be compromised by unauthorized code execution or content modification, and availability may be affected if attackers disrupt services or deploy ransomware. Organizations in sectors such as government, finance, healthcare, and media, which often use WordPress for public-facing websites, are particularly vulnerable. The ease of exploitation by authenticated users means insider threats or compromised accounts can escalate attacks. The widespread use of WordPress across Europe amplifies the potential impact, making this a critical concern for cybersecurity teams.

1. Immediately restrict upload permissions to trusted users only, preferably limiting author-level users from uploading files until a patch is available. 2. Implement additional server-side validation to detect and block files with double extensions or suspicious file types beyond the plugin's native checks. 3. Use web application firewalls (WAFs) with custom rules to detect and block malicious upload attempts targeting this vulnerability. 4. Monitor server logs and WordPress upload directories for unusual file uploads or changes, focusing on VTT and other media-related files. 5. Employ file integrity monitoring to detect unauthorized file additions or modifications. 6. Regularly update WordPress core, plugins, and themes to the latest versions once a patch for this vulnerability is released. 7. Educate users with author-level access about the risks of uploading untrusted files and enforce strong authentication mechanisms to reduce account compromise risks. 8. Consider isolating WordPress instances or running them with least privilege to limit the impact of potential exploitation.