CVE-2025-15546
Description
A TOCTOU race condition in Iptanus File Upload plugin before 5.1.7 allows authenticated attackers to overwrite other users' uploaded files.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
The Iptanus File Upload WordPress plugin versions before 5.1.7 contain a Time-of-Check to Time-of-Use (TOCTOU) race condition. When the duplicatepolicy setting is configured to "maintain both", the plugin checks for file existence before writing a new file. An attacker can exploit the window between the check and the write to overwrite files uploaded by other users. [1]
Exploitation
An authenticated attacker with file upload privileges (e.g., subscriber or higher) must race the file existence check by sending a concurrent request that writes to the same file path after the check passes but before the original write completes. This requires precise timing and may need multiple attempts. The attacker targets files uploaded by other users. [1]
Impact
Successful exploitation allows the attacker to overwrite arbitrary files uploaded by other users, leading to data corruption, replacement with malicious content, or further compromise depending on file type and usage. This violates the integrity and availability of other users' data. [1]
Mitigation
The vulnerability is fixed in version 5.1.7 of the Iptanus File Upload plugin. Users should update immediately via the WordPress admin dashboard or manually. No workaround is documented. [1]
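The check-then-write shape described in the Vulnerability section, next to the atomic create that closes the window, as an added illustration. This is not the plugin's code or its actual fix; the function names, the "maintain both" suffix scheme and the temp-directory usage are assumptions.

```php
<?php
// Added illustration, not the plugin's code. A "maintain both" style
// policy keeps both files by appending a numeric suffix to duplicates.

// Vulnerable shape: existence check, then a separate write. Between
// file_exists() (time of check) and file_put_contents() (time of use),
// a concurrent request can create the same path; the later write then
// silently replaces that other upload.
function save_upload_racy(string $dir, string $name, string $data): string {
    $base = pathinfo($name, PATHINFO_FILENAME);
    $ext  = pathinfo($name, PATHINFO_EXTENSION);
    $path = "$dir/$name";
    for ($i = 1; file_exists($path); $i++) {                 // time of check
        $path = "$dir/{$base}_{$i}" . ($ext !== '' ? ".$ext" : '');
    }
    file_put_contents($path, $data);                         // time of use
    return $path;
}

// Hardened shape: let the filesystem perform check and create in one
// step. fopen() mode 'x' maps to O_CREAT|O_EXCL and fails if the path
// already exists, so two concurrent requests can never both win the
// same name; the loser just retries with the next suffix.
function save_upload_atomic(string $dir, string $name, string $data): string {
    $base = pathinfo($name, PATHINFO_FILENAME);
    $ext  = pathinfo($name, PATHINFO_EXTENSION);
    $path = "$dir/$name";
    for ($i = 1; $i < 10000; $i++) {
        $fh = @fopen($path, 'x');                            // atomic create
        if ($fh !== false) {
            fwrite($fh, $data);
            fclose($fh);
            return $path;
        }
        $path = "$dir/{$base}_{$i}" . ($ext !== '' ? ".$ext" : '');
    }
    throw new RuntimeException('could not allocate a unique file name');
}

// Constructed demo: two uploads with the same name keep distinct paths,
// and the first one's content is never overwritten.
$dir = sys_get_temp_dir();
$a = save_upload_atomic($dir, 'report.pdf', 'first upload');
$b = save_upload_atomic($dir, 'report.pdf', 'second upload');
var_dump($a !== $b, file_get_contents($a) === 'first upload');
unlink($a);
unlink($b);
```

The racy variant is kept only to show where the window sits; the filename should still be sanitised (e.g. with basename()) before either function is called.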
AI Insight generated on Jun 14, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2 affected product entries (no CPE assigned), version range: <5.1.7
Patches
No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE: mechanics are only generated when the actual fix diff can be read. Without it, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References (1)
News mentions
No linked articles in our index yet.