CVE-2025-9115
BaseFortify
Publication date: 2025-09-22
Last updated on: 2025-09-22
Assigner: WPScan
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| wordpress | etsy_shop | 3.0.7 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-9115 is a reflected Cross-Site Scripting (XSS) vulnerability in the Etsy Shop WordPress plugin versions before 3.0.7. The plugin does not properly escape the $_SERVER['REQUEST_URI'] parameter before outputting it inside an HTML attribute. This allows attackers to inject malicious scripts that execute in the victim's browser, especially in older browsers that do not encode URL characters properly. [1]
How can this vulnerability impact me? :
This vulnerability can allow attackers to execute arbitrary JavaScript in the context of a user's browser when they visit a crafted URL. This can lead to theft of sensitive information, session hijacking, or other malicious actions performed on behalf of the user without their consent. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by testing for reflected Cross-Site Scripting (XSS) in the Etsy Shop WordPress plugin versions prior to 3.0.7. One way is to access a crafted URL that injects a script into the `$_SERVER['REQUEST_URI']` parameter and observe if the script executes. For example, you can use a browser or a tool like curl or wget to request a URL such as: https://example.com/wp-admin/options-general.php?page=etsy-shop.php&b=""><svg/onload=alert(/XSS/)> If the JavaScript alert executes, the site is vulnerable. Additionally, automated web vulnerability scanners that test for reflected XSS can be used to detect this issue. [1]
What immediate steps should I take to mitigate this vulnerability?
The immediate step to mitigate this vulnerability is to update the Etsy Shop WordPress plugin to version 3.0.7 or later, where the issue has been fixed by properly escaping the `$_SERVER['REQUEST_URI']` parameter. Until the update can be applied, consider implementing web application firewall (WAF) rules to block suspicious requests containing script injection patterns targeting the vulnerable parameter. [1]