CVE-2025-7437 is a critical vulnerability affecting the Ebook Store plugin for WordPress developed by motovnet. The vulnerability arises from the lack of proper file type validation in the function ebook_store_save_form across all versions up to and including 5.8012. This flaw allows unauthenticated attackers to upload arbitrary files to the server hosting the affected WordPress site. Since the upload mechanism does not restrict dangerous file types, attackers can potentially upload malicious scripts or executable files. This can lead to remote code execution (RCE), enabling attackers to execute arbitrary code on the server, compromise the website, steal sensitive data, or pivot further into the hosting environment. The vulnerability is classified under CWE-434, which pertains to unrestricted file upload vulnerabilities. The CVSS v3.1 base score is 9.8, indicating a critical severity with network attack vector, no required privileges or user interaction, and full impact on confidentiality, integrity, and availability. Although no known exploits are reported in the wild yet, the ease of exploitation and the critical impact make this a high-risk vulnerability for any WordPress site using the affected plugin versions. Given WordPress's widespread use, this vulnerability poses a significant threat to websites relying on the Ebook Store plugin for digital content management and sales.

For European organizations, this vulnerability presents a severe risk, especially for businesses operating e-commerce platforms, digital content providers, and any entity using WordPress with the Ebook Store plugin. Successful exploitation could lead to full server compromise, data breaches involving customer information, intellectual property theft, and disruption of online services. This could result in financial losses, reputational damage, and regulatory penalties under GDPR due to unauthorized access or data leakage. The ability for unauthenticated attackers to remotely execute code without user interaction increases the likelihood of automated exploitation campaigns targeting vulnerable sites. Additionally, compromised sites could be used as launchpads for further attacks within corporate networks or to distribute malware to customers and partners. The impact extends beyond individual organizations to the broader European digital ecosystem, potentially affecting trust in online commerce platforms.

Immediate mitigation steps include: 1) Updating the Ebook Store plugin to a patched version once released by the vendor. Since no patch links are currently available, organizations should monitor vendor announcements closely. 2) Implementing web application firewall (WAF) rules to block or restrict file upload requests to the vulnerable endpoint, particularly filtering out executable or script file types. 3) Restricting file upload permissions on the server to prevent execution of uploaded files, such as disabling execution rights in upload directories. 4) Employing strict input validation and sanitization at the application level to enforce allowed file types and sizes. 5) Conducting regular security audits and scanning WordPress installations for unauthorized files or changes. 6) Isolating WordPress environments and limiting their access to critical backend systems to reduce lateral movement risk. 7) Educating site administrators about the risks of using outdated plugins and encouraging timely updates. These measures, combined, reduce the attack surface and limit the potential damage until an official patch is available.