CVE-2025-58620
BaseFortify
Publication date: 2025-09-03
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| patchstack | pdf_for_wpforms | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Stored Cross-site Scripting (XSS) issue in the WordPress PDF for WPForms Plugin versions up to 6.2.1. It allows attackers with contributor-level privileges to inject malicious scripts, such as redirects or advertisements, into websites using the plugin. These scripts execute when visitors access the affected site, potentially compromising site functionality or user data. [1]
How can this vulnerability impact me? :
The vulnerability can lead to malicious scripts running on your website, which may redirect visitors, display unwanted advertisements, or execute other harmful HTML payloads. This can degrade user experience, damage your site's reputation, and potentially lead to further security issues. Although the severity is considered low (CVSS 6.5), exploitation requires contributor-level access, and timely updates are recommended to prevent automated or opportunistic attacks. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves checking if the WordPress site is running PDF for WPForms plugin version 6.2.1 or earlier, as these versions are vulnerable. Since exploitation requires contributor-level privileges and involves injection of malicious scripts, scanning for unusual or unauthorized script injections in web pages generated by the plugin can help. However, plugin-based malware scanners are often compromised. It is recommended to use professional incident response services or hosting provider malware scanning to detect compromise. No specific commands are provided in the resources. [1]
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to update the PDF for WPForms plugin to version 6.3.0 or later, where the vulnerability is fixed. Additionally, Patchstack offers virtual patching (vPatching) to auto-mitigate this vulnerability even before official patches are applied. Timely updates are recommended to prevent opportunistic automated attacks. [1]