CVE-2025-58858
BaseFortify
Publication date: 2025-09-05
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| wpbean | wpb_image_widget | 1.1 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Stored Cross-Site Scripting (XSS) issue in the WPB Image Widget WordPress plugin (versions up to 1.1). It allows attackers with at least contributor-level privileges to inject malicious scripts into web pages generated by the plugin. These scripts can execute when visitors access the compromised website, potentially causing redirects, displaying unwanted advertisements, or executing other harmful HTML payloads. [1]
How can this vulnerability impact me? :
If exploited, this vulnerability can lead to malicious scripts running in the browsers of visitors to your website. This can result in unwanted redirects, display of malicious advertisements, or other harmful actions that compromise user experience and security. It may also lead to partial loss of confidentiality, integrity, and availability of the affected website. However, exploitation requires contributor-level access, and the vulnerability is considered low severity with a CVSS score of 6.5. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves checking if the WPB Image Widget plugin version 1.1 or earlier is installed and looking for signs of stored XSS payloads in the widget inputs. Since exploitation requires contributor-level privileges, monitoring for unusual input or script injections in the widget content is important. No specific commands are provided, but professional incident response and server-side malware scanning are recommended, as plugin-based malware scanners may be unreliable. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying virtual patching (vPatching) offered by Patchstack, which provides automatic protection even without an official fix. Additionally, restricting contributor-level privileges to trusted users and monitoring for suspicious activity is advised. Since no official patch is available, seeking professional incident response and performing server-side malware scanning if compromise is suspected are recommended. [1]