CVE-2025-5923
BaseFortify
Publication date: 2025-06-13
Last updated on: 2025-06-16
Assigner: Wordfence
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Stored Cross-Site Scripting (XSS) issue in the Game Review Block WordPress plugin. It occurs because the plugin does not properly sanitize and escape the 'className' parameter, allowing authenticated users with Contributor-level access or higher to inject malicious scripts. These scripts are then stored and executed whenever any user views the affected page, potentially compromising user security. [2]
How can this vulnerability impact me? :
The vulnerability can allow an attacker with Contributor-level access to inject arbitrary web scripts into pages. When other users visit these pages, the malicious scripts execute in their browsers, which can lead to theft of sensitive information, session hijacking, or other malicious actions. This compromises the security and integrity of the website and its users. [2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking if your WordPress installation is running the Game Review Block plugin version 4.8.1 or earlier, which is vulnerable to stored XSS via the 'className' parameter. To detect exploitation attempts, you can monitor HTTP requests for suspicious payloads in the 'className' parameter, especially from authenticated users with Contributor-level access or higher. For example, you can use web server logs or a tool like grep to search for suspicious script tags or unusual input in POST requests to the plugin's endpoints. A sample command to search Apache logs for suspicious 'className' parameter usage might be: grep -i 'className=.*<script' /var/log/apache2/access.log. Additionally, scanning the database for injected scripts in pages generated by the plugin could help detect stored XSS payloads. [2]
What immediate steps should I take to mitigate this vulnerability?
The immediate step to mitigate this vulnerability is to update the Game Review Block plugin to version 4.8.2 or later, where the issue has been fixed by properly sanitizing and escaping the 'className' parameter and other dynamic content. If updating is not immediately possible, restrict Contributor-level and higher user access to trusted users only, and monitor for suspicious activity. Applying the patch from version 4.8.2 that uses WordPress sanitization functions like sanitize_html_class(), esc_attr(), esc_html(), and esc_url() will prevent exploitation. [2]