CVE Alert

CVE-2025-8625

CRITICAL 9.8

Copypress Rest API 1.1 - 1.2 - Missing Configurable JWT Secret and File-Type Validation to Unauthenticated Remote Code Execution

CVSS Score
9.8
EPSS Score
0.0%
EPSS Percentile
0th

The Copypress Rest API plugin for WordPress, versions 1.1 through 1.2, is vulnerable to unauthenticated Remote Code Execution via the copyreap_handle_image() function. Two weaknesses combine: when no JWT secret is configured, the plugin falls back to a hard-coded signing key, and the image handler does not restrict which file types can be fetched and saved as attachments. Because the fallback key is embedded in the plugin source, it is effectively public, so an unauthenticated attacker can forge a token that the plugin accepts, gain elevated privileges, and then have the image handler fetch and store an arbitrary file (e.g. a PHP script), leading to remote code execution.

CWE CWE-321 (Use of Hard-coded Cryptographic Key)
Vendor copypressdev
Product copypress rest api
Published Sep 30, 2025
Last Updated Sep 30, 2025

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector: Network (AV:N)
Attack Complexity: Low (AC:L)
Privileges Required: None (PR:N)
User Interaction: None (UI:N)
Scope: Unchanged (S:U)
Confidentiality: High (C:H)
Integrity: High (I:H)
Availability: High (A:H)

Affected Versions

copypressdev / Copypress Rest API
1.1 through 1.2 (inclusive)

References

NVD / CVE.org / EPSS Data
wordfence.com: https://www.wordfence.com/threat-intel/vulnerabilities/id/3045c9e5-4095-48e5-8d9d-16a091e69d54?source=cve
wordpress.org: https://wordpress.org/plugins/copypress-rest-api/#developers

Credits

Kenneth Dunn