CVE-2025-8313
BaseFortify
Publication date: 2025-08-05
Last updated on: 2025-08-05
Assigner: Wordfence
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| emarket-design | campus_directory | 1.9.2 |
| emarket-design | campus_directory | 1.9.1 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-8313 is a Stored Cross-Site Scripting (XSS) vulnerability in the Campus Directory WordPress plugin, specifically in the 'noaccess_msg' parameter. This vulnerability exists in all versions up to and including 1.9.1 due to insufficient input sanitization and output escaping. Authenticated users with Contributor-level access or higher can inject malicious scripts into pages via this parameter. These scripts execute whenever any user accesses the affected page, potentially compromising site security. The issue was fixed in version 1.9.2 by properly sanitizing and escaping the 'noaccess_msg' content before rendering it on the frontend. [1, 2]
How can this vulnerability impact me? :
This vulnerability can allow authenticated attackers with Contributor-level access or above to inject arbitrary malicious scripts into the website pages via the 'noaccess_msg' parameter. When other users visit these pages, the injected scripts execute in their browsers, potentially leading to theft of user credentials, session hijacking, defacement, or other malicious actions. This compromises the security and integrity of the website and its users. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking if the Campus Directory WordPress plugin version is 1.9.1 or earlier, as these versions are vulnerable to stored XSS via the 'noaccess_msg' parameter. To detect exploitation attempts, you can monitor HTTP requests or logs for suspicious input in the 'noaccess_msg' parameter or look for injected scripts in pages rendered by the plugin. Since the vulnerability requires authenticated users with Contributor-level access or higher, reviewing user activity logs for unusual changes to the 'noaccess_msg' setting or other plugin settings may help. There are no specific commands provided in the resources, but general WordPress plugin version checks can be done via WP-CLI with: `wp plugin list --status=active` to verify the plugin version. Additionally, searching the database for suspicious script tags in the 'noaccess_msg' field or related options may help detect exploitation. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to update the Campus Directory WordPress plugin to version 1.9.2 or later, where the vulnerability has been fixed by properly sanitizing and escaping the 'noaccess_msg' parameter. Until the update can be applied, restrict Contributor-level and higher user permissions to trusted users only, as the vulnerability requires authenticated users with such access. Additionally, review and sanitize any existing 'noaccess_msg' content to remove potentially malicious scripts. Implementing Web Application Firewall (WAF) rules to block suspicious script injections in plugin-related pages may also help mitigate risk temporarily. [1, 2]