CVE-2025-58651
BaseFortify
Publication date: 2025-09-22
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| playerjs | playerjs | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Cross Site Scripting (XSS) issue in the PlayerJS WordPress plugin (versions up to 2.24). It allows attackers with contributor-level access to inject malicious scripts, such as redirects or advertisements, into web pages generated by the plugin. These scripts execute when visitors access the affected site, potentially compromising user interactions or site integrity. [1]
How can this vulnerability impact me? :
The vulnerability can lead to attackers injecting malicious scripts into your website, which may execute when visitors access your site. This can result in unwanted redirects, display of unauthorized advertisements, or other harmful HTML payloads. Such actions can degrade user trust, harm your site's reputation, and potentially lead to further security issues. Exploitation requires contributor-level access, and no official patch is currently available, though virtual patching is offered as a mitigation. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves identifying malicious script injections in websites using the PlayerJS plugin up to version 2.24. Since plugin-based malware scanners may be unreliable, it is recommended to monitor HTTP traffic for suspicious payloads or injected scripts. Specific commands are not provided in the resources, but network administrators can use tools like 'curl' or 'wget' to fetch web pages and 'grep' or 'grep -P' to search for suspicious script tags or payloads in the HTML responses. Additionally, web application firewalls (WAFs) with virtual patching capabilities can help detect exploitation attempts. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying virtual patching (vPatching) as provided by Patchstack, which auto-mitigates the vulnerability without impacting performance. Since no official fix or patched version is currently available, virtual patching offers rapid protection against automated attacks targeting unpatched sites. Users should also seek professional incident response or assistance from their hosting provider if their sites are compromised. Restricting contributor-level access can reduce exploitation risk, as the vulnerability requires such privileges. [1]