CVE-2025-58261
BaseFortify
Publication date: 2025-09-22
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| presspage | mavis_https_to_http_redirection | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-352 | The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Cross-Site Request Forgery (CSRF) issue in the WordPress Mavis HTTPS to HTTP Redirection Plugin versions up to 1.4.3. It allows an attacker to trick authenticated users with higher privileges into executing unwanted actions on the site without their consent. This can lead to stored Cross-Site Scripting (XSS) attacks, compromising site security. The plugin is abandoned and has no official fix, making it a persistent risk unless mitigated by virtual patching or removal. [1]
How can this vulnerability impact me? :
This vulnerability can impact you by allowing attackers to perform unauthorized actions on your website through CSRF, potentially leading to stored XSS attacks. This compromises the security of your site, possibly resulting in data theft, unauthorized changes, or further exploitation. Since the plugin is abandoned and unpatched, the risk remains unless you remove the plugin or apply virtual patches. It may also require professional incident response if a compromise occurs. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability cannot rely solely on plugin-based malware scanners. Since the vulnerability involves CSRF leading to Stored XSS in the Mavis HTTPS to HTTP Redirection plugin (version up to 1.4.3), detection involves checking if the vulnerable plugin version is installed and active. Network or system commands to detect the plugin version include inspecting the WordPress plugin directory or using WP-CLI commands such as 'wp plugin list' to identify the plugin and its version. Additionally, monitoring HTTP requests for suspicious CSRF attack patterns may help but no specific commands are provided. Professional incident response is recommended for compromised sites. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include removing and replacing the vulnerable Mavis HTTPS to HTTP Redirection plugin with an alternative solution, as no official patch or updated version is available. Applying a virtual patch (vPatch) provided by Patchstack can offer rapid protection even without an official fix. Deactivating the plugin alone does not eliminate the security risk. Users are also advised to seek professional incident response if their sites have been compromised. [1]