CVE-2025-8400
BaseFortify
Publication date: 2025-08-02
Last updated on: 2025-08-04
Assigner: Wordfence
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| wordpress | wordpress | * |
| aumsrini | image_gallery | 1.0.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability in the Image Gallery plugin for WordPress (up to version 1.0.0) is a Reflected Cross-Site Scripting (XSS) flaw. It occurs because the plugin does not properly sanitize or escape user input before displaying it on web pages. This allows unauthenticated attackers to inject malicious scripts into pages, which then execute in the browsers of users who visit those pages.
How can this vulnerability impact me?
This vulnerability can impact you by allowing attackers to execute arbitrary scripts in the context of your website's users. This can lead to theft of user credentials, session hijacking, defacement of the website, or distribution of malware. Since the attack is reflected and requires a user to access a crafted URL or page, it can be used to target users of the site without needing authentication.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by identifying whether the WordPress site is running the Image Gallery plugin version 1.0.0 or earlier, which is known to be vulnerable. Detection can also involve checking for reflected Cross-Site Scripting (XSS): send crafted HTTP requests with script payloads in input fields or URL parameters related to the plugin and observe whether the script is reflected and executed in the response. For example, you can use curl to send a request with a script payload to a page that uses the plugin's shortcode or gallery display:

```
curl -i "http://yourwordpresssite.com/?bee_gallery_page=<script>alert(1)</script>"
```

If the script is reflected in the response HTML without proper escaping, the vulnerability is present. Additionally, scanning tools that detect reflected XSS vulnerabilities in WordPress plugins can be used. [2]
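A log-side check to complement the active probe above, as an added example that is not part of the original page: it scans web server access logs for requests whose `bee_gallery_page` value is not a plain number, including percent-encoded and double-encoded values. The Combined Log Format, the constructed sample lines, and the rule that a legitimate value is digits only are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote_plus

PARAM = "bee_gallery_page"  # parameter named in the curl example above
# Assumed Combined Log Format: ip ... "METHOD target HTTP/x.y" status ...
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) .*?"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')
DIGITS_RE = re.compile(r"[0-9]+")

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '198.51.100.7 - - [04/Aug/2025:10:01:02 +0000] "GET /gallery/?bee_gallery_page=2 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [04/Aug/2025:10:01:05 +0000] "GET /?bee_gallery_page=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 5240',
    '203.0.113.9 - - [04/Aug/2025:10:01:09 +0000] "GET /?bee_gallery_page=%253Cscript%253Ealert(1)%253C%252Fscript%253E HTTP/1.1" 200 5240',
    '198.51.100.7 - - [04/Aug/2025:10:02:00 +0000] "GET /wp-login.php HTTP/1.1" 200 1800',
]

def fully_decode(value, max_rounds=3):
    """Undo repeated percent-encoding (e.g. %253C -> %3C -> <)."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_requests(log_lines):
    """Return (ip, status, decoded_value) for each request whose
    bee_gallery_page value is not a plain number."""
    hits = []
    for line in log_lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a request line in the assumed format
        query = urlsplit(m["target"]).query
        for name, value in parse_qsl(query):  # decodes one layer
            if name != PARAM:
                continue
            value = fully_decode(value)
            # Assumption: a legitimate gallery page index is digits only.
            if not DIGITS_RE.fullmatch(value):
                hits.append((m["ip"], int(m["status"]), value))
    return hits

if __name__ == "__main__":
    for hit in suspicious_requests(SAMPLE_LOG):
        print(hit)
```

A hit shows that someone sent a non-numeric value, not that it was reflected; confirm against the response body or by checking whether the plugin is installed.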
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include disabling or uninstalling the Image Gallery plugin version 1.0.0 or earlier, as it is no longer maintained and contains the vulnerability. Since the plugin has been closed and is no longer available for download or updates, removing it from your WordPress installation is recommended. Additionally, restrict user input and sanitize or escape output related to gallery pages if you maintain custom code. Applying Web Application Firewall (WAF) rules to block reflected XSS payloads targeting the plugin's parameters can also help mitigate exploitation until the plugin is removed. [1]