What is CVE-2025-2105?

CVE-2025-2105 is a high-severity vulnerability in Artbees Jupiter X Core, classified under Deserialization of Untrusted Data. CVSS score: 8.1/10. Published 2025-04-26.

How severe is CVE-2025-2105?

High severity. CVSS v3 base score is 8.1 out of 10.

Deserialization in Artbees Jupiter X Core

CVE-2025-2105

The Jupiter X Core plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.8.11 via deserialization of untrusted input from the 'file' parameter of the 'raven_download_file' function. This makes i…

Vulnerability class: Insecure Deserialization

EPSS: 0.007 (72.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.1 (High). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Artbees Jupiter X Core — versions 0

Weakness classification (CWE)

CWE-502 — Deserialization of Untrusted Data

References

www.wordfence.com/threat-intel/vulnerabilities/id/3427387e-30d2-40a5-9bfd-d4580…
wordpress.org/plugins/jupiterx-core/
plugins.trac.wordpress.org/changeset/3279676/jupiterx-core/trunk/includes/exten…

Frequently asked questions

What is CVE-2025-2105?: CVE-2025-2105 is a high-severity vulnerability in Artbees Jupiter X Core, classified under Deserialization of Untrusted Data. CVSS score: 8.1/10. Published 2025-04-26.
How severe is CVE-2025-2105?: High severity. CVSS v3 base score is 8.1 out of 10.