CVE-2026-25025
Reflected XSS in VikRestaurants β€ 1.5.2 Enables Script Injection
Publication date: 2026-03-25
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| e4jvikwp | vikrestaurants | to 1.5.2 (inc) |
| e4j_srl | vikrestaurants | to 1.5.2 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-25025 is a medium severity Cross Site Scripting (XSS) vulnerability affecting the WordPress VikRestaurants Plugin versions up to and including 1.5.2.
This vulnerability allows attackers to inject malicious scripts, such as redirects, advertisements, or other HTML payloads, into websites running the vulnerable plugin.
These malicious scripts execute when visitors access the compromised site.
Exploitation requires user interaction by a privileged user, such as clicking a malicious link, visiting a crafted page, or submitting a form, although the initial action can be initiated by an unauthenticated attacker.
How can this vulnerability impact me? :
This vulnerability can lead to attackers executing malicious scripts on your website, which can result in unauthorized redirects, display of unwanted advertisements, or other harmful HTML payloads.
Such exploitation can compromise the integrity and trustworthiness of your website, potentially harming your users and your site's reputation.
Because the attack can be initiated by an unauthenticated attacker but requires user interaction, it can be used in mass-exploit campaigns targeting many websites regardless of their traffic or popularity.
Immediate action, such as updating the plugin to version 1.5.3 or later, is strongly recommended to mitigate this risk.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability is a reflected Cross Site Scripting (XSS) issue in the VikRestaurants WordPress plugin up to version 1.5.2. Detection typically involves monitoring for suspicious HTTP requests that include malicious script payloads targeting the plugin's input fields.
You can detect potential exploitation attempts by inspecting web server logs for unusual query parameters or POST data containing script tags or JavaScript code.
Example commands to help detect such activity include:
- Using grep to search web server logs for suspicious script tags: grep -i '<script' /var/log/apache2/access.log
- Searching for common XSS payload patterns in logs: grep -E '(<script|javascript:|onerror=|onload=)' /var/log/apache2/access.log
- Using curl or a browser to test input fields with typical XSS payloads to see if they are reflected unescaped in responses.
Additionally, security tools or web application firewalls (WAFs) with rules targeting this vulnerability can help detect and block exploitation attempts.
What immediate steps should I take to mitigate this vulnerability?
The primary and most effective immediate step to mitigate this vulnerability is to update the VikRestaurants WordPress plugin to version 1.5.3 or later, where the issue has been patched.
Until the update can be applied, it is recommended to implement Web Application Firewall (WAF) rules that specifically block attacks targeting this vulnerability.
You may also seek assistance from your hosting provider or web developers to apply temporary mitigations or monitor for exploitation attempts.
Avoid clicking on suspicious links or submitting untrusted input that could trigger the reflected XSS.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The CVE-2026-25025 vulnerability is a reflected Cross Site Scripting (XSS) issue that allows attackers to inject malicious scripts into websites running the vulnerable VikRestaurants plugin. Such vulnerabilities can lead to unauthorized access, data manipulation, or exposure of sensitive information.
While the provided information does not explicitly mention compliance with standards like GDPR or HIPAA, vulnerabilities like reflected XSS can potentially impact compliance by exposing personal or sensitive data to attackers, violating data protection requirements.
Therefore, organizations using the affected plugin should promptly apply patches or mitigations to reduce the risk of data breaches and maintain compliance with relevant regulations.