CVE-2025-30950
BaseFortify
Publication date: 2025-06-06
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-30950 is a Cross Site Scripting (XSS) vulnerability in the WordPress plugin "All Currencies for WooCommerce" up to version 2.4.4. It allows a malicious actor with contributor-level privileges to inject and execute arbitrary scripts, such as redirects or advertisements, on affected websites when visited by users. This happens due to improper neutralization of input during web page generation, enabling attackers to run unauthorized scripts in the context of the site. [1]
How can this vulnerability impact me? :
This vulnerability can lead to unauthorized script execution on your website, potentially resulting in malicious redirects, unwanted advertisements, or other harmful HTML payloads being executed in users' browsers. This can compromise user trust, lead to data theft, or facilitate further attacks. Although the CVSS score is 6.5 indicating moderate severity, exploitation requires contributor-level access and user interaction, making it opportunistic but still a risk. If compromised, professional incident response and server-side malware scanning are recommended. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves monitoring for signs of Cross Site Scripting (XSS) exploitation, such as unexpected script execution or unauthorized redirects on affected WordPress sites using the All Currencies for WooCommerce plugin up to version 2.4.4. Since plugin-based malware scanners may be unreliable due to tampering, it is recommended to use professional incident response services or server-side malware scanning tools to detect compromise. Specific commands are not provided in the available resources. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying virtual patching (vPatching) offered by Patchstack, which auto-mitigates the vulnerability without performance loss even in the absence of an official fix. Additionally, users should monitor their sites for suspicious activity and consider professional incident response if compromise is suspected. Since no official patch is available as of the publication date, virtual patching is the recommended rapid protection method. [1]