CVE-2025-5842
BaseFortify
Publication date: 2025-06-26
Last updated on: 2025-07-08
Assigner: Wordfence
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| getbutterfly | modern_design_library | to 1.1.5 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-5842 is a Stored Cross-Site Scripting (XSS) vulnerability in the Modern Design Library WordPress plugin (versions up to 1.1.4). It occurs because the plugin insufficiently sanitizes and escapes user-supplied input, specifically the 'class' parameter and other style-related attributes used in inline styles. Authenticated users with Contributor-level access or higher can inject malicious scripts into pages, which execute when other users view those pages. The vulnerability was fixed by properly escaping these attributes before outputting them in the plugin's code. [1, 3]
How can this vulnerability impact me? :
This vulnerability allows authenticated users with Contributor-level access or above to inject arbitrary malicious scripts into pages via the plugin's shortcode attributes. When other users access these pages, the injected scripts execute in their browsers, potentially leading to theft of session cookies, defacement, or other malicious actions. This compromises the security and integrity of the affected WordPress site and its users.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking if the WordPress site is running the Modern Design Library plugin version 1.1.4 or earlier, as these versions are vulnerable. You can verify the plugin version via the WordPress admin dashboard or by inspecting the plugin files. Additionally, you can search for the presence of the vulnerable shortcode usage or injected scripts in pages accessible to authenticated users with Contributor-level access or higher. There are no specific network commands provided, but you can use WP-CLI commands such as `wp plugin list` to check the plugin version. Also, scanning for suspicious inline scripts or unusual 'class' parameter values in page source or database content may help detect exploitation attempts. [1, 3]
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to update the Modern Design Library WordPress plugin to version 1.1.5 or later, where the vulnerability has been fixed by properly sanitizing and escaping user-supplied attributes. If updating immediately is not possible, restrict Contributor-level and higher user permissions to trusted users only, and monitor for suspicious activity. Applying the update ensures that the plugin uses the `esc_attr()` function to escape attributes and prevents stored cross-site scripting attacks. [1, 2, 3]