CVE-2025-13625
BaseFortify
Publication date: 2025-12-05
Last updated on: 2025-12-08
Assigner: Wordfence
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| switch2mac | wp-sos-donate | 0.9.2 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Reflected Cross-Site Scripting (XSS) issue in the WP-SOS-Donate Donation Sidebar Plugin for WordPress. It occurs because the plugin does not properly sanitize or escape the $_SERVER['PHP_SELF'] parameter, allowing attackers to inject malicious scripts. These scripts can execute in the context of a user's browser if the user is tricked into clicking a crafted link.
How can this vulnerability impact me? :
An attacker can exploit this vulnerability to execute arbitrary scripts in the browser of users who click on a malicious link. This can lead to theft of sensitive information, session hijacking, or other malicious actions performed on behalf of the user without their consent.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by testing for Reflected Cross-Site Scripting (XSS) via the `$_SERVER['PHP_SELF']` parameter in the WP-SOS-Donate plugin's pages. Since the vulnerability involves unsanitized use of `$_SERVER['PHP_SELF']`, you can attempt to access the plugin's settings page or any page where the plugin is active with a crafted URL containing script tags in the URL path to see if the script is reflected and executed. For example, you can use curl or a browser to request a URL like: `http://yourwordpresssite/wp-admin/admin.php?page=wp-sos-donate_options.php/<script>alert(1)</script>`. If the alert executes or the script tag appears in the response unescaped, the vulnerability is present. Additionally, monitoring HTTP requests for suspicious URL patterns containing script tags targeting the plugin's pages can help detect exploitation attempts. Specific commands might include: `curl -i 'http://yourwordpresssite/wp-admin/admin.php?page=wp-sos-donate_options.php/<script>alert(1)</script>'` or using browser developer tools to inspect the response for reflected scripts. [3, 4]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include: 1. Disable or deactivate the WP-SOS-Donate plugin until a secure version is released, as the plugin has been removed from availability pending a security review. 2. Restrict access to the plugin's settings page to trusted administrators only, ensuring that only users with the `manage_wpsos` capability can access it. 3. Avoid clicking on suspicious links that might exploit the reflected XSS vulnerability. 4. Monitor your WordPress site for unusual activity or unauthorized changes in the plugin's settings. 5. Apply any patches or updates provided by the plugin developer once available. Since the plugin is no longer available for download and was last updated 16 years ago, consider replacing it with a maintained alternative plugin that provides similar functionality without known vulnerabilities. [2, 3]