CVE-2025-8081
Published: 2025-08-12
Priority: P4 (27) · Severity: medium · CVSS 3.1 base score: 4.9
CVSS 3.1 vector: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
EPSS: 0.47% (37.4th percentile)
The Elementor plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 3.30.2 via the Import_Images::import() function due to insufficient controls on the filename specified. This makes it possible for authenticated attackers, with administrator-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.
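The weakness class recorded here (CWE-22 reached through an insufficiently checked filename) is normally closed by accepting only bare file names with an allow-listed image extension that canonicalise to a regular file inside the intended import directory. The PHP below is an added, hypothetical illustration written for this page, not Elementor's own code or its fix; the function name `safe_image_import_path()`, the `$base_dir` argument and the extension allow-list are assumptions.

```php
<?php
/**
 * Hypothetical hardened filename check for an image-import routine.
 * Added illustration for this page; not Elementor's code.
 * Returns the canonical path on success, or null when the name must be rejected.
 */
function safe_image_import_path(string $base_dir, string $filename): ?string
{
    // Allow-list of image extensions the importer is meant to handle (assumption).
    $allowed = ['png', 'jpg', 'jpeg', 'gif', 'webp'];

    // 1. Accept only a bare file name: no path separators, no "..", no NUL bytes,
    //    no leading dot. This stops traversal before any filesystem call is made.
    if ($filename === '' || strpbrk($filename, "/\\\0") !== false
        || str_contains($filename, '..') || $filename[0] === '.') {
        return null;
    }

    // 2. The extension must be on the allow-list (case-insensitive).
    $ext = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
    if (!in_array($ext, $allowed, true)) {
        return null;
    }

    // 3. Canonicalise both sides and require the candidate to sit under $base_dir.
    //    realpath() resolves symlinks and returns false for a missing file, so a
    //    link that escapes the directory, or a non-existent file, is rejected here.
    $base = realpath($base_dir);
    $path = realpath($base_dir . DIRECTORY_SEPARATOR . $filename);
    if ($base === false || $path === false) {
        return null;
    }
    if (strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }

    // 4. Regular files only; directories and special files are not images.
    if (!is_file($path)) {
        return null;
    }

    return $path;
}

// Constructed demonstration: traversal and absolute names are refused before any I/O,
// and "logo.png" is accepted only if it actually exists under the base directory.
foreach (['logo.png', '../outside.txt', '/abs/path.png', 'upload.php'] as $candidate) {
    $result = safe_image_import_path(sys_get_temp_dir(), $candidate);
    printf("%-16s => %s\n", $candidate, $result === null ? 'rejected' : $result);
}
```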
Affected (3 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| elementor | website_builder | < 3.30.3 | 3.30.3 |
| elemntor | elementor_website_builder_more_than_just_a_page_builder | <= 3.30.2 | — |
| mitmproxy | mitmproxy | >= 0 < 11.1.2 | 11.1.2 |
GHSA
GHSA-4f9c-3v6f-46qp (ghsa_unreviewed, 2025-08-12): CVE-2025-8081 [MEDIUM] CWE-22. Same description as above: Arbitrary File Read in Elementor for WordPress, all versions up to and including 3.30.2, via Import_Images::import().
GHSA
CVE-2025-46335 [MEDIUM] CWE-79 (ghsa, 2025-05-05): Mobile Security Framework (MobSF) Allows Stored Cross Site Scripting (XSS) via malicious SVG Icon Upload
**Vulnerable MobSF Versions:** .svg
This file becomes publicly accessible via the web interface at:
http://127.0.0.1:8081/download/filename.svg
If the SVG contains embedded JavaScript (e.g., an XSS payload), accessing this URL via a browser leads to the execution of the script in the context of the MobSF user session, resulting in stored XSS.
**Proof Of Concept:**
1. Create a malicious SVG file (ic_launcher.svg) with an embedded XSS payload.
2. Place the file in the Android Studio project directory: /app/src/main/res/mipmap-hdpi/ic_launcher.svg
3. Zip the project directory and upload it to MobSF.
4. After the scan, navigate to the "Recent Scans" page in the MobSF web interfa
GHSA
CVE-2025-23217 [HIGH] CWE-288 (ghsa, 2025-02-06): Mitmweb API Authentication Bypass Using Proxy Server
### Impact
In mitmweb 11.1.0 and below, a malicious client can use mitmweb's proxy server (bound to `*:8080` by default) to access mitmweb's internal API (bound to `127.0.0.1:8081` by default). In other words, while the client cannot access the API directly (good), they can access the API through the proxy (bad). An attacker may be able to escalate this [SSRF](https://en.wikipedia.org/wiki/Server-side_request_forgery)-style access to remote code execution.
The mitmproxy and mitmdump tools are unaffected. Only mitmweb is affected. The `block_global` option, which is enabled by default, blocks connections originating from publicly-routable IP addresses in the proxy. The attacker needs to be in the same local network.
### Patches
The vu
No detection rules found.
No writeups or analysis indexed.
References:
https://github.com/elementor/elementor/commit/6af3551ee4213fb4003338743e22f41aa2a09c01
https://plugins.trac.wordpress.org/browser/elementor/tags/3.30.2/includes/template-library/classes/class-import-images.php#L111
https://plugins.trac.wordpress.org/changeset/3332233/elementor/trunk/includes/template-library/classes/class-import-images.php
https://www.wordfence.com/threat-intel/vulnerabilities/id/13929b51-b32e-401c-a642-49f7cd2d07bf?source=cve
Published: 2025-08-12