CIBELES AI

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

The CIBELES AI plugin for WordPress is vulnerable to arbitrary file uploads due to missing capability check in the 'actualizador_git.php' file in all versions up to, and including, 1.10.8. This makes it possible for unauthenticated attackers to download arbitrary GitHub repositories and overwrite plugin files on the affected site's server which may make remote code execution possible.

AI Analysis

Arbitrary file upload vulnerability due to missing capability check in the 'actualizador_git.php' file, allowing unauthenticated attackers to download arbitrary GitHub repositories and overwrite plugin files, potentially leading to remote code execution.

Basic Information

ID CVE-2025-13595

Source Wordfence

Published Nov 25, 2025 at 22:28

Affected Product

Vendor soportecibeles

Product CIBELES AI

Version *

Affected Versions soportecibeles CIBELES AI *

CWE Classification

CWE-434

AI Assessment

AI Score 9.8 / 10

AI Severity Critical

Vendor soportecibeles

Product CIBELES AI

Version 1.10.8

References

{
    "lastseen": "",
    "description": "The CIBELES AI plugin for WordPress is vulnerable to arbitrary file uploads due to missing capability check in the 'actualizador_git.php' file in all versions up to, and including, 1.10.8. This makes it possible for unauthenticated attackers to download arbitrary GitHub repositories and overwrite plugin files on the affected site's server which may make remote code execution possible.",
    "published": "2025-11-25T22:28:36.431Z",
    "modified": "2025-11-25T22:28:36.431Z",
    "type": "cve",
    "title": "CIBELES AI <= 1.10.8 - Unauthenticated Arbitrary File Upload",
    "source": "Wordfence",
    "references": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b3e89a1c-7606-4391-a389-fa18d0967046?source=cve\nhttps://plugins.trac.wordpress.org/browser/cibeles-ai/trunk/actualizador_git.php#L1\nhttps://plugins.trac.wordpress.org/changeset/3402311/cibeles-ai\nhttps://github.com/d0n601/CVE-2025-13595\nhttps://ryankozak.com/posts/cve-2025-13595/",
    "id": "CVE-2025-13595",
    "bulletinFamily": "",
    "cwe": [
        "CWE-434"
    ],
    "cvelist": null,
    "sourceData": "soportecibeles CIBELES AI *",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "CIBELES AI",
    "version": "*",
    "vendor": "soportecibeles",
    "ai_description": "Arbitrary file upload vulnerability due to missing capability check in the 'actualizador_git.php' file, allowing unauthenticated attackers to download arbitrary GitHub repositories and overwrite plugin files, potentially leading to remote code execution.",
    "ai_severity": "Critical",
    "ai_vendor": "soportecibeles",
    "ai_product": "CIBELES AI",
    "ai_version": "1.10.8",
    "ai_score": 9.8
}

CIBELES AI <= 1.10.8 - Unauthenticated Arbitrary File Upload_CVE-2025-13595