CVE-2025-30928
BaseFortify
Publication date: 2025-06-06
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-30928 is a Cross Site Scripting (XSS) vulnerability in the WordPress WP Biographia plugin up to version 4.0.0. It allows a malicious actor with administrator privileges to inject malicious scripts, such as redirects, advertisements, or other HTML payloads, into a website. These scripts execute when visitors access the site, potentially compromising the site's integrity and user experience. [1]
How can this vulnerability impact me? :
This vulnerability can impact you by allowing an attacker with administrator access to inject malicious scripts into your website. These scripts can execute when visitors access your site, potentially leading to unwanted redirects, display of malicious advertisements, or other harmful actions. This can damage your site's reputation, compromise user trust, and possibly lead to further security issues. However, the vulnerability has a low severity score (5.9) and requires administrator privileges to exploit. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves monitoring for malicious script injections in the WP Biographia plugin, especially from administrator accounts. Since the vulnerability allows stored XSS via injected scripts, scanning the website content for unexpected or suspicious HTML/JavaScript payloads is recommended. Professional incident response or server-side malware scanning is advised, as plugin-based malware scanners may be unreliable. Specific commands are not provided in the resources. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying virtual patching (vPatching) offered by Patchstack, which provides automatic protection even without an official fix. Additionally, restricting administrator privileges and monitoring for suspicious activity can reduce risk. Seeking professional incident response and performing server-side malware scanning is recommended if compromise is suspected. [1]