CVE-2025-3582
BaseFortify

Publication date: 2025-06-09

Last updated on: 2025-06-12

Assigner: WPScan

Description
The Newsletter WordPress plugin before 8.8.5 does not sanitise and escape some of its Form settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in a multisite setup).
Meta Information
Generated: 2026-05-07
AI Q&A: 2025-06-09
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Vendor: thenewsletterplugin
Product: newsletter
Version / Range: all versions before 8.8.5 (8.8.5 itself excluded)
CWE
CWE-79: The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-3582 is a Stored Cross-Site Scripting (XSS) vulnerability in the WordPress plugin "Newsletter" versions before 8.8.5. The plugin does not properly sanitize and escape some of its Form settings, which allows high privilege users like administrators to inject malicious scripts. This can happen even if the unfiltered_html capability is disabled, such as in multisite setups. An attacker can insert malicious HTML or JavaScript code into a form field, which then executes when the form is displayed on a page or post. [1]


How can this vulnerability impact me?

This vulnerability can allow an attacker with high privileges (e.g., an admin) to perform Stored Cross-Site Scripting attacks by injecting malicious scripts into form settings. When other users view the affected pages or posts, the malicious scripts execute in their browsers, potentially leading to session hijacking, defacement, or other malicious actions. This can compromise the security and integrity of the website and its users. [1]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by checking if the WordPress site is running the Newsletter plugin version prior to 8.8.5. Additionally, you can test for the vulnerability by attempting to create a new HTML form via the plugin's admin interface (/wp-admin/admin.php?page=newsletter_subscription_forms) and inserting a test payload such as <img src=x onerror=alert('XSS')> into the form field. If the payload executes when the form shortcode is used in a Page or Post, the site is vulnerable. There are no specific network commands provided, but verifying the plugin version and testing the form input sanitization via the admin interface are key steps. [1]
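The answer above gives no command, so here is an added example (not from BaseFortify, WPScan or the Newsletter plugin) of a POSIX shell check that reads the installed plugin's Version header and compares it numerically against the fixed release 8.8.5. The plugin directory wp-content/plugins/newsletter under the WordPress root is an assumption.

```shell
#!/bin/sh
# Added example, not part of the advisory or the Newsletter plugin.
# Reads the installed plugin's "Version:" header and reports whether it
# falls in the affected range (before 8.8.5). The directory name
# wp-content/plugins/newsletter under the WordPress root is an assumption.

FIXED_VERSION="8.8.5"   # first fixed release per the advisory

# version_lt A B: exit 0 when dotted version A is strictly lower than B.
# Components are compared numerically, so 8.10.0 sorts above 8.8.5.
version_lt() {
    a="$1" b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        x="${a%%.*}"; y="${b%%.*}"
        if [ "$a" = "$x" ]; then a=""; else a="${a#*.}"; fi
        if [ "$b" = "$y" ]; then b=""; else b="${b#*.}"; fi
        x=$(printf '%s' "$x" | tr -cd '0-9'); y=$(printf '%s' "$y" | tr -cd '0-9')
        [ "${x:-0}" -lt "${y:-0}" ] && return 0
        [ "${x:-0}" -gt "${y:-0}" ] && return 1
    done
    return 1
}

# newsletter_status VERSION: prints "affected" or "fixed".
newsletter_status() {
    if version_lt "$1" "$FIXED_VERSION"; then echo affected; else echo fixed; fi
}

# plugin_version WP_ROOT: prints the Version header of the installed plugin.
# (With WP-CLI available, `wp plugin get newsletter --field=version` is an
# alternative that needs no file parsing.)
plugin_version() {
    dir="$1/wp-content/plugins/newsletter"
    [ -d "$dir" ] || { echo "plugin directory not found: $dir" >&2; return 1; }
    # The main file is the top-level .php file carrying the plugin header.
    main=$(grep -l 'Plugin Name:' "$dir"/*.php 2>/dev/null | head -n 1)
    [ -n "$main" ] || { echo "no plugin header found in $dir" >&2; return 1; }
    sed -n 's/^[[:space:]*]*Version:[[:space:]]*//p' "$main" | head -n 1 | tr -d '\r'
}

# Usage: sh check_newsletter.sh /var/www/html
if [ -n "$1" ]; then
    v=$(plugin_version "$1") && echo "Newsletter $v: $(newsletter_status "$v")"
fi
```

A version at or above 8.8.5 reports "fixed"; anything lower reports "affected" and should be updated before the form settings are trusted.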


What immediate steps should I take to mitigate this vulnerability?

The immediate step to mitigate this vulnerability is to update the Newsletter WordPress plugin to version 8.8.5 or later, where the issue has been fixed. Until the update can be applied, restrict high privilege users from creating or modifying forms in the plugin to prevent exploitation. [1]

