CVE-2026-25341
Stored XSS in RSJoomla! RSFirewall! Allows Persistent Script Injection

Publication date: 2026-03-25

Last updated on: 2026-04-23

Assigner: Patchstack

Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RSJoomla! RSFirewall! rsfirewall allows Stored XSS. This issue affects RSFirewall!: from n/a through <= 1.1.45.
Meta Information
Published: 2026-03-25
Last Modified: 2026-04-23
Generated: 2026-06-16
AI Q&A: 2026-03-25
EPSS Evaluated: 2026-06-15
Affected Vendors & Products (2 associated CPEs)
Vendor    Product     Version / Range
rsjoomla  rsfirewall  up to 1.1.45 (inclusive)
rsjoomla  rsfirewall  from 1.1.0 (inclusive) to 1.1.45 (inclusive)
CWE
CWE-79: The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Impact Analysis

This vulnerability can impact you by allowing attackers to inject and execute malicious scripts on your website.

These scripts can perform harmful actions such as redirecting visitors to malicious sites, displaying unwanted advertisements, or stealing sensitive information.

Because the malicious code executes in the context of your website, it can affect all visitors, potentially damaging your site's reputation and leading to widespread exploitation.

Exploitation does not require authentication, increasing the risk of attack.

Executive Summary

CVE-2026-25341 is a medium severity Cross Site Scripting (XSS) vulnerability affecting the WordPress RSFirewall! plugin versions up to and including 1.1.45.

This vulnerability allows attackers to inject malicious scripts, such as redirects, advertisements, or other HTML payloads, into websites running the affected plugin.

These malicious scripts execute when visitors access the compromised site, potentially leading to widespread exploitation in mass-attack campaigns.

Exploitation requires user interaction by a privileged user, such as clicking a malicious link, visiting a crafted page, or submitting a form, although no authentication is required to initiate the attack.

The vulnerability is classified under OWASP Top 10 category A3: Injection.

Detection Guidance

This vulnerability is a Stored Cross Site Scripting (XSS) issue in the RSFirewall! WordPress plugin up to and including version 1.1.45. Detection typically involves identifying malicious script injections in web pages generated by the affected plugin.

While no specific commands are provided in the available resources, common detection methods include scanning web pages for suspicious injected scripts or using web vulnerability scanners that detect XSS vulnerabilities.

Additionally, monitoring HTTP traffic for unusual script payloads or using security tools that can detect exploitation attempts targeting RSFirewall! plugin versions up to 1.1.45 can help identify this vulnerability.

Mitigation Strategies

The primary mitigation step is to update the RSFirewall! plugin to version 1.1.46 or later, which contains the patch that resolves this Stored XSS vulnerability.

If immediate updating is not possible, applying the automatic mitigation rule provided by Patchstack to block attacks targeting this vulnerability is recommended.

Users unable to update or apply the mitigation rule should seek assistance from their hosting provider or web developer.

Enabling auto-update functionality for the RSFirewall! plugin can also help ensure timely protection against this and future vulnerabilities.

Compliance Impact

The provided information does not specify how the CVE-2026-25341 vulnerability impacts compliance with common standards and regulations such as GDPR or HIPAA.
