CVE-2025-50022
BaseFortify
Publication date: 2025-06-20
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-50022 is a Cross Site Scripting (XSS) vulnerability in the WordPress WP-FB-AutoConnect plugin versions up to 4.6.3. It allows a malicious actor with administrator privileges to inject harmful scripts, such as redirects or unwanted HTML content, into a website. These scripts execute when visitors access the site, potentially causing unauthorized actions or content display. The vulnerability is classified under OWASP Top 10 category A3: Injection and specifically as Cross Site Scripting (XSS). [1]
How can this vulnerability impact me? :
This vulnerability can lead to unauthorized script execution on your website, resulting in unwanted redirects, injection of malicious content, or other harmful HTML payloads that affect visitors. Although it requires administrator privileges to exploit and has a low severity score (5.9), it can compromise the integrity and user experience of your site. There is currently no official patch, so mitigation strategies like virtual patching and professional incident response are recommended to reduce risk. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves monitoring for injected malicious scripts such as redirects, advertisements, or other HTML payloads in the website content generated by the WP-FB-AutoConnect plugin (version up to 4.6.3). Since the vulnerability requires administrator privileges to exploit and involves stored XSS, scanning the website pages for suspicious script injections or unexpected HTML content is recommended. There are no specific commands provided for detection. Professional incident response and server-side malware scanning are advised over plugin-based malware scanners, which may be unreliable due to potential tampering. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include implementing virtual patching (vPatching) solutions that auto-mitigate the vulnerability even without an official patch, providing rapid protection without performance loss. Users should monitor for updates from the plugin developer or security advisories. In case of suspected compromise, engage professional incident response and perform server-side malware scanning. Since there is no official fix or patched version available, virtual patching is the recommended approach. [1]