CVE-2025-7443: CWE-434 Unrestricted Upload of File with Dangerous Type in berqwp BerqWP – Automated All-In-One Page Speed Optimization for Core Web Vitals, Cache, CDN, Images, CSS, and JavaScript
The BerqWP – Automated All-In-One Page Speed Optimization for Core Web Vitals, Cache, CDN, Images, CSS, and JavaScript plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation via the store_javascript_cache.php file in all versions up to, and including, 2.2.42. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
AI Analysis
Technical Summary
CVE-2025-7443 is a high-severity vulnerability in the BerqWP WordPress plugin, which optimizes page speed by managing caching, CDN delivery, images, CSS, and JavaScript. The flaw is missing file type validation in the plugin's store_javascript_cache.php endpoint, which lets unauthenticated attackers upload arbitrary files to the web server. It is classified as CWE-434 (Unrestricted Upload of File with Dangerous Type). Because the endpoint does not restrict or validate what it accepts, an attacker can upload a PHP script or web shell in place of the JavaScript the endpoint exists to cache; if that file lands in a web-accessible location where PHP is executed, the result is remote code execution (RCE). All versions up to and including 2.2.42 are affected. The CVSS v3.1 base score is 8.1 (high): network attack vector, no privileges and no user interaction required, high attack complexity, and high impact on confidentiality, integrity, and availability. No public exploit is known at the time of writing, but an unauthenticated file upload in a widely installed WordPress plugin is the kind of flaw that is weaponized quickly, so sites using BerqWP for performance optimization should treat it as an active risk.
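The CWE-434 pattern described above, shown as an added example that is not BerqWP's code: a cache-store handler that trusts the client-supplied filename next to a hardened version that allow-lists the extension, rejects traversal, refuses content carrying a PHP open tag, and names the stored file from its content hash. The cache directory, the function names and the sample web-shell body are assumptions made for illustration.

```python
import hashlib
import os
import re
import tempfile
from pathlib import Path

# Example code, not BerqWP's implementation. The cache directory name and the
# function names are assumptions made for illustration.
ALLOWED_EXTENSIONS = {".js"}                        # a JS cache endpoint needs exactly one type
SAFE_NAME = re.compile(r"^[A-Za-z0-9_.-]{1,64}$")   # no slashes, no NUL, no control characters
PHP_OPEN_TAG = re.compile(rb"<\?(php|=)", re.IGNORECASE)


def store_cache_unsafe(cache_dir: str, client_name: str, data: bytes) -> Path:
    """CWE-434 pattern: the client-supplied name is trusted as-is, so whatever the
    client calls the file (shell.php, .htaccess, ...) is written into the web root."""
    target = Path(cache_dir) / client_name
    target.parent.mkdir(parents=True, exist_ok=True)
    target.write_bytes(data)
    return target


def store_cache_safe(cache_dir: str, client_name: str, data: bytes) -> Path:
    """Hardened variant: allow-list the extension, reject traversal and unusual
    characters, and derive the on-disk name from the content hash so the client
    never chooses the path. Double extensions (shell.php.js) are harmless here
    because the original name is discarded after validation."""
    if not SAFE_NAME.match(client_name):
        raise ValueError("rejected filename: unexpected characters or path separators")
    ext = Path(client_name).suffix.lower()
    if ext not in ALLOWED_EXTENSIONS:
        raise ValueError(f"rejected extension {ext!r}")
    # Defence in depth: a JavaScript cache has no reason to contain a PHP open tag.
    if PHP_OPEN_TAG.search(data):
        raise ValueError("rejected content: PHP open tag")
    base = Path(cache_dir).resolve()
    target = (base / (hashlib.sha256(data).hexdigest()[:32] + ext)).resolve()
    if target.parent != base:                       # belt and braces against any escape
        raise ValueError("rejected path: outside cache directory")
    base.mkdir(parents=True, exist_ok=True)
    target.write_bytes(data)
    return target


def run_demo() -> dict:
    """Exercise both variants on constructed inputs in a throwaway directory."""
    with tempfile.TemporaryDirectory() as tmp:
        cache_dir = os.path.join(tmp, "js-cache")       # hypothetical cache location
        shell = b"<?php system($_GET['c']); ?>"         # constructed web-shell body
        results = {}
        written = store_cache_unsafe(cache_dir, "shell.php", shell)
        results["unsafe_wrote_php"] = written.suffix == ".php" and written.is_file()
        for name, body in (("shell.php", shell), ("../escape.js", b"x"), ("a.js", shell)):
            try:
                store_cache_safe(cache_dir, name, body)
                results[name] = "stored"
            except ValueError as err:
                results[name] = f"rejected: {err}"
        good = store_cache_safe(cache_dir, "bundle.min.js", b"console.log(1);")
        results["good_name_is_hash"] = good.suffix == ".js" and len(good.stem) == 32
    return results


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key}: {value}")
```

The hash-derived name is the important design choice: once the client no longer controls the on-disk path, extension tricks, traversal and overwriting of existing files all collapse into one check. The PHP-tag scan is a heuristic and is there only as a second layer; the extension allow-list and server-side execution policy are what actually prevent RCE.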
Potential Impact
For European organizations, this vulnerability could lead to severe consequences including unauthorized access to sensitive data, defacement of websites, disruption of services, and use of compromised servers as launchpads for further attacks. Organizations relying on BerqWP to improve website performance may inadvertently expose themselves to remote code execution attacks, which can compromise the confidentiality, integrity, and availability of their web infrastructure. This is particularly critical for sectors such as e-commerce, government, healthcare, and finance, where website integrity and data protection are paramount. Additionally, exploitation could lead to GDPR compliance violations if personal data is accessed or leaked, resulting in heavy fines and reputational damage. The fact that exploitation requires no authentication or user interaction increases the urgency for European organizations to address this vulnerability promptly.
Mitigation Recommendations
Immediate mitigation: update BerqWP as soon as the vendor ships a version later than 2.2.42 that addresses this issue; until then, disable or uninstall the plugin, since its unauthenticated endpoint is reachable on every site where it is active. Monitor the vendor's channels and the CVE record for the fixed release. If the plugin cannot be removed, configure the web application firewall or web server to deny requests to store_javascript_cache.php; this also breaks the plugin's own JavaScript caching, which is the intended trade-off. Independently of the plugin, harden the server so that an uploaded file cannot execute: deny PHP execution in wp-content/uploads and in any cache directory the plugin writes to, and run PHP with the least privilege the site needs. Audit the installation for files that should not be there, in particular PHP files, files with double extensions such as .php.jpg, and .htaccess files under upload or cache directories, and compare file modification times against web server access logs for requests to store_javascript_cache.php. Review backups and the incident response plan so that a compromised site can be rebuilt from a known-good copy rather than cleaned in place. Finally, consider a well-maintained alternative plugin with a stronger security track record for page speed optimization.
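The audit step above, as an added example that is not part of the original advisory or of BerqWP: a script that walks the directories of a WordPress install that should hold only static assets and flags anything that could execute server-side. The wp-content/cache/berq path and the sample files are constructed for the demo; adjust the directory list to wherever the plugin actually writes its cache on your site.

```python
import os
import re
import tempfile
from pathlib import Path

# Example code, not part of BerqWP or WordPress. The cache path under wp-content/cache
# is a generic convention used here as an assumption; adjust to where the plugin writes.
STATIC_ONLY_DIRS = ("wp-content/uploads", "wp-content/cache")
EXEC_EXTENSIONS = {".php", ".php3", ".php4", ".php5", ".php7", ".phtml", ".phar"}
PHP_OPEN_TAG = re.compile(rb"<\?(php|=)", re.IGNORECASE)


def audit_static_dirs(wp_root: str, dirs=STATIC_ONLY_DIRS) -> list:
    """Walk directories that should hold only static assets and report anything
    that could execute server-side: an executable extension anywhere in the name
    (shell.php, pic.php.jpg), a PHP open tag in the content regardless of extension
    (a .js file that is really PHP), or an .htaccess that could remap handlers."""
    root = Path(wp_root)
    findings = []
    for rel in dirs:
        base = root / rel
        if not base.is_dir():
            continue
        for path in base.rglob("*"):
            if not path.is_file():
                continue
            reasons = []
            if any(s.lower() in EXEC_EXTENSIONS for s in path.suffixes):
                reasons.append("executable extension")
            if path.name == ".htaccess":
                reasons.append("htaccess in static directory")
            with path.open("rb") as fh:
                body = fh.read(1 << 20)              # first 1 MiB; raise for very large media
            if PHP_OPEN_TAG.search(body):
                reasons.append("php open tag in content")
            if reasons:
                findings.append({"path": path.relative_to(root).as_posix(), "reasons": reasons})
    return sorted(findings, key=lambda f: f["path"])


def build_sample_tree(root: str) -> None:
    """Constructed WordPress tree for the demo; the contents are illustrative only."""
    files = {
        "wp-content/uploads/2025/07/photo.jpg": b"\xff\xd8\xff\xe0 jpeg header bytes",
        "wp-content/uploads/2025/07/shell.php": b"<?php system($_GET['c']); ?>",
        "wp-content/uploads/2025/07/pic.php.jpg": b"<?php eval($_POST['x']); ?>",
        "wp-content/cache/berq/app.js": b"console.log('ok');",
        "wp-content/cache/berq/loader.js": b"<?php @eval(base64_decode($_REQUEST['k'])); ?>",
        "wp-content/cache/berq/.htaccess": b"AddType application/x-httpd-php .js\n",
        "wp-includes/functions.php": b"<?php // core file, outside the static-only scope",
    }
    for rel, body in files.items():
        p = Path(root) / rel
        p.parent.mkdir(parents=True, exist_ok=True)
        p.write_bytes(body)


def run_demo() -> list:
    """Build the constructed tree in a temp directory and audit it."""
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        return audit_static_dirs(tmp)


if __name__ == "__main__":
    for finding in run_demo():
        print(finding["path"], "->", ", ".join(finding["reasons"]))
```

Run it against the real document root (`audit_static_dirs("/var/www/html")`) and treat every finding as something to explain, not something to delete: record the file's hash and modification time first, then correlate with the access log before removing it. Core and plugin PHP files outside the static-only directories are deliberately out of scope here; compare those against a clean copy of the same versions instead.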
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Poland, Sweden
Technical Details
- Data Version: 5.1
- Assigner Short Name: Wordfence
- Date Reserved: 2025-07-10T19:41:10.890Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 688c46f1ad5a09ad00c4fda4
Added to database: 8/1/2025, 4:47:45 AM
Last enriched: 8/1/2025, 5:03:02 AM
Last updated: 2/7/2026, 12:29:57 PM