Introduction
Unauthenticated attackers can upload arbitrary JavaScript files to any WordPress site running the Easy Upload Files During Checkout plugin in version 2.9.8 or earlier. The direct consequence is persistent JavaScript injection (stored cross-site scripting) served from the store's own origin; remote code execution is possible only where server configuration executes files from the upload location. Both site operators and their customers are exposed.
The Easy Upload Files During Checkout plugin is a popular add-on for WooCommerce, allowing customers to attach files during checkout. It is maintained by Fahad Mahmood and distributed via the official WordPress plugin repository. The plugin is widely used in the WooCommerce ecosystem, which powers a significant portion of global e-commerce sites.
Technical Information
CVE-2025-12682 is caused by missing file type validation in the file_during_checkout function of the Easy Upload Files During Checkout plugin for WordPress. All versions up to and including 2.9.8 are affected. The plugin's intended functionality is to let customers attach files (such as images or documents) during the WooCommerce checkout process. The vulnerable function, however, does not restrict uploads to the file types that use case requires, so an attacker can submit a file with a .js extension and have it stored as-is.
Because the upload endpoint is reachable without authentication, any remote user can submit a crafted multipart HTTP POST request carrying a JavaScript file. If the server stores these files in a web-accessible directory (such as wp-content/uploads), the attacker can then retrieve the file by URL. Note that a .js file fetched directly is served as text rather than executed; it becomes stored cross-site scripting once a page on the same origin loads it as a script, and it becomes remote code execution only where the web server is configured to execute files from the uploads directory. The vulnerability is classified as CWE-434: Unrestricted Upload of File with Dangerous Type.
No public code snippets from the vulnerable function are available at this time.
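Since no snippet of the vulnerable function is public, the following PHP is an added illustration rather than the plugin's code: it contrasts the unvalidated-upload pattern that CWE-434 describes with a hardened handler built on WordPress's own upload helpers. The function names (eufc_vulnerable_upload, eufc_hardened_upload, eufc_allowed_mimes), the /checkout/ subdirectory and the image/PDF allow-list are assumptions chosen for the example.

```php
<?php
// Added illustrative example; not the plugin's code (no public snippet exists).
// Both handlers take one entry of $_FILES, e.g. $_FILES['checkout_file'].

// --- Vulnerable pattern: trusts the client-supplied name, checks nothing ---
function eufc_vulnerable_upload( array $file ) {
    $upload_dir = wp_upload_dir();                        // .../wp-content/uploads
    $target     = $upload_dir['basedir'] . '/checkout/';  // assumed subdirectory
    // Whatever the customer named the file is what lands on disk: order.js, x.html ...
    $dest = $target . basename( $file['name'] );
    if ( move_uploaded_file( $file['tmp_name'], $dest ) ) {
        return $upload_dir['baseurl'] . '/checkout/' . basename( $file['name'] );
    }
    return new WP_Error( 'upload_failed', 'Could not store file.' );
}

// --- Hardened form: explicit allow-list, content check, server-chosen name ---
function eufc_allowed_mimes() {
    // Only what the checkout use case needs. Deliberately no js, html, svg or php.
    return array(
        'jpg|jpeg' => 'image/jpeg',
        'png'      => 'image/png',
        'gif'      => 'image/gif',
        'pdf'      => 'application/pdf',
    );
}

function eufc_hardened_upload( array $file ) {
    // 1. Only accept something PHP actually received as a multipart upload.
    if ( empty( $file['tmp_name'] ) || ! is_uploaded_file( $file['tmp_name'] ) ) {
        return new WP_Error( 'invalid_upload', 'Not an uploaded file.' );
    }

    // 2. Check extension against the allow-list and let WordPress inspect the
    //    content: wp_check_filetype_and_ext() returns empty ext/type when the
    //    extension is not allowed or, for the types it can sniff, when the
    //    bytes do not match the claimed extension.
    $name  = sanitize_file_name( $file['name'] );
    $check = wp_check_filetype_and_ext( $file['tmp_name'], $name, eufc_allowed_mimes() );
    if ( empty( $check['ext'] ) || empty( $check['type'] ) ) {
        return new WP_Error( 'disallowed_type', 'File type not permitted.' );
    }

    // 3. Never keep the client's filename: store under a random name with the
    //    validated extension so an attacker cannot pick the path they later load.
    $file['name'] = wp_generate_password( 20, false ) . '.' . $check['ext'];

    // 4. wp_handle_upload() enforces the same allow-list again and writes the
    //    file under the uploads directory. It lives in an admin include that is
    //    not loaded on front-end (checkout) requests by default.
    if ( ! function_exists( 'wp_handle_upload' ) ) {
        require_once ABSPATH . 'wp-admin/includes/file.php';
    }
    $result = wp_handle_upload(
        $file,
        array(
            'test_form' => false,                 // not coming from a wp-admin form
            'mimes'     => eufc_allowed_mimes(),  // overrides the global upload_mimes list
        )
    );
    if ( isset( $result['error'] ) ) {
        return new WP_Error( 'upload_failed', $result['error'] );
    }
    return $result['url'];
}
```

The two defences that matter most are the allow-list passed through the mimes override (so a site-wide filter such as upload_mimes cannot silently widen it) and the server-chosen filename; together they remove both the dangerous extension and the predictable URL an attacker would need to reference the file from a page.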
Affected Systems and Versions
- Product: Easy Upload Files During Checkout plugin for WordPress
- Affected versions: All versions up to and including 2.9.8
- Vulnerable configuration: Any WordPress installation with the plugin enabled and file uploads allowed during checkout
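For triage, the following added PHP (not from the plugin or the advisory) checks whether an installed copy is in the affected range and lists files under an uploads tree whose extension falls outside an image/PDF allow-list, which is the residue an unrestricted upload leaves behind. The plugin header text and the temporary files are constructed for the demo; the helper names and the allow-list are assumptions.

```php
<?php
// Added triage helper; constructed sample data, not real site output.

const EUFC_LAST_AFFECTED = '2.9.8';   // from the advisory: <= 2.9.8 is affected

// Pull the Version: line out of a plugin's main-file header block,
// using the same loose header syntax WordPress itself accepts.
function eufc_plugin_version( string $header_text ): ?string {
    if ( preg_match( '/^[ \t\/*#@]*Version:(.*)$/mi', $header_text, $m ) ) {
        return trim( $m[1] );
    }
    return null;
}

// True when the installed version is at or below the last affected release.
function eufc_is_affected( string $version ): bool {
    return version_compare( $version, EUFC_LAST_AFFECTED, '<=' );
}

// Walk a directory and return files whose extension is not on the allow-list.
// Point this at wp-content/uploads (or wherever checkout attachments are kept).
function eufc_find_unexpected_uploads( string $dir, array $allowed_ext ): array {
    $hits = array();
    $iter = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator( $dir, FilesystemIterator::SKIP_DOTS )
    );
    foreach ( $iter as $entry ) {
        if ( ! $entry->isFile() ) {
            continue;
        }
        if ( ! in_array( strtolower( $entry->getExtension() ), $allowed_ext, true ) ) {
            $hits[] = $entry->getPathname();
        }
    }
    sort( $hits );
    return $hits;
}

// --- Demo on constructed data ---
$header = <<<'TXT'
/*
 * Plugin Name: Easy Upload Files During Checkout
 * Version: 2.9.8
 */
TXT;
$ver = eufc_plugin_version( $header );
printf( "installed %s -> %s\n", $ver, eufc_is_affected( $ver ) ? 'AFFECTED' : 'not affected' );

$tmp = sys_get_temp_dir() . '/eufc_demo_' . getmypid();
mkdir( "$tmp/2025/11", 0700, true );
file_put_contents( "$tmp/2025/11/receipt.pdf", '%PDF-1.4' );   // expected
file_put_contents( "$tmp/2025/11/photo.JPG", 'x' );            // expected, case differs
file_put_contents( "$tmp/2025/11/order.js", 'alert(1)' );      // what the bug lets through
foreach ( eufc_find_unexpected_uploads( $tmp, array( 'jpg', 'jpeg', 'png', 'gif', 'pdf' ) ) as $p ) {
    echo "unexpected: $p\n";
}
// Clean up the constructed tree.
foreach ( array( 'receipt.pdf', 'photo.JPG', 'order.js' ) as $f ) {
    unlink( "$tmp/2025/11/$f" );
}
rmdir( "$tmp/2025/11" );
rmdir( "$tmp/2025" );
rmdir( $tmp );
```

On a real site, treat any .js, .html, .svg or .php file under the uploads tree as a finding to investigate, and remember that the extension scan only catches what was stored verbatim; a file renamed by a later step would still need content inspection.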
Vendor Security History
The Easy Upload Files During Checkout plugin is maintained by Fahad Mahmood. No prior major vulnerabilities have been publicly documented for this plugin. However, arbitrary file upload vulnerabilities are a recurring issue in the WordPress plugin ecosystem, with similar flaws reported in other WooCommerce-related plugins. The vendor's patch response time and overall security maturity cannot be fully assessed from available public information.