CVE-2025-68858
BaseFortify
Publication date: 2026-01-22
Last updated on: 2026-01-27
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| casey_bisson | wpcas | to 1.07 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-68858 is a medium severity Reflected Cross Site Scripting (XSS) vulnerability in the WordPress wpCAS Plugin versions up to and including 1.07. It allows an attacker to inject malicious scripts, such as redirects, advertisements, or other HTML payloads, into a website. These scripts execute when visitors access the compromised site. The vulnerability falls under OWASP Top 10 A3: Injection and does not require authentication to exploit, but does require user interaction like clicking a malicious link or visiting a crafted page. [1]
How can this vulnerability impact me? :
This vulnerability can impact you by allowing attackers to execute malicious scripts on your website, which can lead to unauthorized redirects, display of unwanted advertisements, theft of user data, or other malicious actions. It compromises the security and integrity of your website and can harm your users by exposing them to malicious content. Since exploitation requires user interaction, users might be tricked into clicking malicious links or submitting forms that trigger the attack. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves monitoring for attempts to inject malicious scripts via URLs or form inputs targeting the wpCAS plugin. Since it is a reflected XSS, you can look for suspicious HTTP requests containing script tags or typical XSS payloads in query parameters or POST data. Using web application firewall (WAF) logs or intrusion detection systems (IDS) with signatures for reflected XSS can help. Specific commands are not provided in the resources. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying the Patchstack mitigation rule designed to block attacks targeting this vulnerability until an official patch is released. Users should implement this mitigation immediately to protect their sites. Since no official fix is available yet, applying this rule is the recommended action. [1]