CVE-2025-5234
BaseFortify
Publication date: 2025-06-19
Last updated on: 2025-07-16
Assigner: Wordfence
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| jegstudio | gutenverse_news | to 2.0.0 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability in the Gutenverse News plugin for WordPress is a Stored Cross-Site Scripting (XSS) issue occurring via the 'elementId' parameter in all versions up to and including 1.0.4. Due to insufficient input sanitization and output escaping, authenticated users with Contributor-level access or higher can inject arbitrary web scripts into pages. These scripts execute whenever any user accesses the injected page, potentially compromising user security.
How can this vulnerability impact me? :
This vulnerability allows authenticated attackers with Contributor-level access or above to inject malicious scripts into pages via the 'elementId' parameter. When other users visit these pages, the injected scripts execute in their browsers, which can lead to theft of sensitive information, session hijacking, defacement, or other malicious actions. This compromises the security and integrity of the website and its users.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves Stored Cross-Site Scripting via the 'elementId' parameter in the Gutenverse News WordPress plugin versions up to 1.0.4. Detection would involve identifying if your WordPress site uses this plugin version and if the 'elementId' parameter is being exploited. Since the vulnerability requires authenticated users with Contributor-level access or higher to inject scripts, monitoring for unusual or suspicious 'elementId' values in HTTP requests or stored content could help. However, no specific detection commands or network signatures are provided in the resources. A practical approach is to check the plugin version installed on your WordPress site by running commands like `wp plugin list` using WP-CLI or inspecting the plugin files directly. Additionally, reviewing page source or database entries for unexpected scripts in pages rendered by the plugin might indicate exploitation. [3]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include updating the Gutenverse News plugin to version 2.0.0 or later, where the vulnerability related to the 'elementId' parameter has been addressed by sanitizing this parameter properly. If updating is not immediately possible, restrict Contributor-level and higher user permissions to trusted users only, and monitor for suspicious activity involving the 'elementId' parameter. Applying the update will ensure that the element ID is sanitized using functions like `esc_attr()`, preventing stored XSS attacks. [2, 3]