CVE-2025-8625

CRITICAL

Copypress Rest API <1.2 - RCE

Title source: llm

Description

The Copypress Rest API plugin for WordPress is vulnerable to Remote Code Execution via copyreap_handle_image() Function in versions 1.1 to 1.2. The plugin falls back to a hard-coded JWT signing key when no secret is defined and does not restrict which file types can be fetched and saved as attachments. As a result, unauthenticated attackers can forge a valid token to gain elevated privileges and upload an arbitrary file (e.g. a PHP script) through the image handler, leading to remote code execution.

Exploits (3)

github WORKING POC 2 stars

by Nxploited · pythonpoc

https://github.com/Nxploited/CVE-2025-8625

View Code ZIP pw:eip

github WORKING POC 1 stars

by ret0x2A · pythonpoc

https://github.com/ret0x2A/CVE-2025-8625

View Code ZIP pw:eip

github WORKING POC

by Boshe99 · pythonpoc

https://github.com/Boshe99/CVE-Exploits/tree/main/CVE-2025-8625

View Code ZIP pw:eip

References (2)

[Product] https://wordpress.org/plugins/copypress-rest-api/#developers

[Third Party Advisory] https://www.wordfence.com/threat-intel/vulnerabilities/id/3045c9e5-4095-48e5-8d9d-16a091e69d54?source=cve

Scores

CVSS v3 9.8

EPSS 0.0035

EPSS Percentile 56.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-321

Status draft

Timeline

Published Sep 30, 2025

Tracked Since Feb 18, 2026