CVE-2025-13418 is a stored Cross-Site Scripting (XSS) vulnerability identified in the Responsive Pricing Table plugin for WordPress, developed by spwebguy. This vulnerability affects all versions up to and including 5.1.12. The root cause is insufficient sanitization and escaping of user-supplied input in the 'plan_icons' parameter, which is used during web page generation. Authenticated users with Author-level privileges or higher can exploit this flaw by injecting arbitrary JavaScript code into pages rendered by the plugin. When other users access these pages, the malicious scripts execute in their browsers, potentially leading to session hijacking, privilege escalation, or unauthorized actions within the context of the victim's session. The vulnerability has a CVSS 3.1 base score of 6.4, indicating medium severity. The attack vector is network-based, requiring low attack complexity and privileges but no user interaction. The scope is changed because the vulnerability affects multiple users beyond the attacker. Confidentiality and integrity impacts are low, while availability is unaffected. No public exploits have been reported yet, but the vulnerability poses a risk to WordPress sites using this plugin, especially those with multiple contributors. The lack of a patch at the time of reporting necessitates interim mitigations such as restricting Author-level access and implementing manual input validation and output encoding.

For European organizations, this vulnerability can lead to unauthorized script execution within their WordPress sites, potentially compromising user sessions, leaking sensitive information, or enabling further attacks such as privilege escalation or defacement. Organizations relying on the Responsive Pricing Table plugin for pricing displays or marketing content face risks of reputational damage and loss of customer trust if exploited. Since the attack requires authenticated access at Author level or above, organizations with multiple content contributors or less restrictive access controls are more vulnerable. The confidentiality of user data and integrity of website content are primarily at risk, while availability remains unaffected. Exploitation could facilitate lateral movement within the web application or lead to injection of malicious payloads targeting site visitors. Given the widespread use of WordPress across Europe, especially in sectors like e-commerce, media, and education, the vulnerability could impact a broad range of organizations if not addressed promptly.

1. Monitor for and apply official patches or updates from the plugin vendor as soon as they become available. 2. Until a patch is released, restrict Author-level and higher privileges to trusted users only, minimizing the risk of malicious input injection. 3. Implement Web Application Firewall (WAF) rules specifically targeting suspicious input patterns in the 'plan_icons' parameter to block potential exploit attempts. 4. Conduct manual code reviews or deploy custom input sanitization and output encoding for the 'plan_icons' parameter within the plugin code or via WordPress hooks to neutralize malicious scripts. 5. Regularly audit user roles and permissions to ensure least privilege principles are enforced. 6. Educate content authors about the risks of injecting untrusted content and encourage safe content practices. 7. Monitor website logs and user activity for signs of exploitation or anomalous behavior related to this vulnerability. 8. Consider isolating or disabling the Responsive Pricing Table plugin if immediate mitigation is not feasible, especially on high-risk or public-facing sites.