CVE-2025-68012
BaseFortify
Publication date: 2026-01-22
Last updated on: 2026-01-28
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| dmytro_shteflyuk | codecolorer | to 0.10.1 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-68012 is a medium severity Stored Cross Site Scripting (XSS) vulnerability in the WordPress CodeColorer Plugin (versions up to and including 0.10.1). It allows unauthenticated attackers to inject malicious scripts, such as redirects, advertisements, or other HTML payloads, into websites using the plugin. These scripts execute in the context of the affected site when a privileged user interacts with crafted content, enabling attackers to perform unauthorized actions. [1]
How can this vulnerability impact me? :
This vulnerability can impact you by allowing attackers to execute arbitrary scripts on your website, potentially leading to unauthorized redirects, content injection, and other malicious activities. This can compromise the security and integrity of your site, affect user trust, and possibly lead to further exploitation if privileged users interact with the malicious content. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves monitoring for attempts to inject malicious scripts into the CodeColorer plugin on affected WordPress sites. Since the vulnerability allows stored Cross-Site Scripting (XSS), you can look for suspicious input patterns or payloads in web requests or stored content. Specific commands are not provided in the available resources, but applying web application firewall (WAF) rules or scanning for unusual script injections in plugin-related inputs is recommended. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying the mitigation rule issued by Patchstack to block attacks targeting this vulnerability until an official patch is released. Users should implement this mitigation immediately to protect their websites. Since no official fix is available as of the publication date, using WAF rules or other security controls to block malicious payloads is advised. [1]