CVE-2025-6012
BaseFortify
Publication date: 2025-06-13
Last updated on: 2025-06-16
Assigner: Wordfence
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Stored Cross-Site Scripting (XSS) issue in the Auto Attachments plugin for WordPress. It occurs because the plugin does not properly sanitize or escape input in the admin settings. As a result, an authenticated attacker with administrator-level permissions can inject malicious scripts into pages. These scripts will execute whenever a user accesses the affected page. This vulnerability specifically affects multisite WordPress installations or installations where the unfiltered_html setting is disabled.
How can this vulnerability impact me? :
If exploited, this vulnerability allows an attacker with admin privileges to inject arbitrary web scripts that execute in the context of users visiting the affected pages. This can lead to unauthorized actions such as stealing user credentials, performing actions on behalf of users, or spreading malware. Since it affects multisite installations, the impact can extend across multiple sites within the network. The vulnerability requires high privileges to exploit but can compromise confidentiality, integrity, and availability of the affected sites.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking if the Auto Attachments plugin version is up to and including 1.8.5 on a WordPress multisite installation where unfiltered_html is disabled. Since the vulnerability involves stored cross-site scripting via admin settings, detection involves verifying plugin version and multisite configuration. There are no specific commands provided in the resources to detect exploitation or presence of the vulnerability on the network or system. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include updating the Auto Attachments plugin to a version later than 1.8.5 where the vulnerability is fixed. Additionally, ensure that only trusted administrators have access to the WordPress admin area, especially on multisite installations. If updating is not immediately possible, consider disabling or uninstalling the plugin to prevent exploitation. Also, review and restrict the use of unfiltered_html capability to trusted users only. [1]