CVE-2025-22518 identifies a stored cross-site scripting (XSS) vulnerability in the PluginsPoint Justified Image Gallery plugin, which is used to display image galleries on websites. The vulnerability stems from improper neutralization of user-supplied input during the generation of web pages, allowing malicious scripts to be stored persistently within the plugin's data. When a victim visits a page containing the injected payload, the malicious script executes in their browser context. This can lead to theft of session cookies, defacement of the website, or redirection to malicious sites. The vulnerability affects all versions up to and including 1.0 of the plugin. No CVSS score has been assigned yet, and no patches or known exploits have been reported at the time of publication. The exploit does not require authentication or user interaction beyond visiting the affected page, making it relatively easy to exploit. Stored XSS vulnerabilities are particularly dangerous because the malicious payload is served to every visitor, increasing the attack surface and potential damage. The plugin is commonly used in WordPress environments, which are widely deployed globally, increasing the scope of affected systems. The lack of immediate patches means that affected organizations must rely on alternative mitigations until an official fix is released.

The impact of this stored XSS vulnerability is significant for organizations running the affected plugin on their websites. Attackers can execute arbitrary JavaScript in the context of users’ browsers, leading to session hijacking, credential theft, unauthorized actions on behalf of users, and distribution of malware. This can compromise user privacy and trust, damage brand reputation, and potentially lead to regulatory penalties if sensitive user data is exposed. The vulnerability can also facilitate further attacks such as phishing or drive-by downloads. Since the exploit requires no authentication and minimal user interaction, it can be leveraged by attackers to target a broad audience, including site administrators and visitors. Websites with high traffic or those handling sensitive information are at greater risk of severe consequences. Additionally, the persistence of the malicious payload means that the attack can continue until the vulnerability is remediated, increasing the window of exposure.

To mitigate this vulnerability, organizations should immediately monitor for updates or patches released by PluginsPoint and apply them as soon as they become available. Until an official patch is released, implement strict input validation and sanitization on all user-supplied data that the plugin processes, ensuring that scripts and HTML tags are properly escaped or removed. Employ Content Security Policy (CSP) headers to restrict the execution of unauthorized scripts in browsers. Regularly audit and sanitize existing content stored by the plugin to detect and remove any malicious payloads. Limit user permissions to reduce the risk of unauthorized content injection. Additionally, educate site administrators and users about the risks of XSS and encourage the use of security plugins that can detect and block XSS attacks. Conduct regular security assessments and penetration testing focused on web application vulnerabilities to identify and remediate similar issues proactively.