CVE-2025-24573 is a DOM-based Cross-site Scripting (XSS) vulnerability affecting Softaculous PageLayer, a WordPress page builder plugin, in versions up to and including 1.9.4. The vulnerability stems from improper neutralization of user-supplied input during the generation of web pages, allowing malicious scripts to be injected and executed in the victim's browser context. Unlike reflected or stored XSS, DOM-based XSS occurs entirely on the client side, manipulating the Document Object Model without new pages being loaded from the server. This can be exploited by attackers to execute arbitrary JavaScript, potentially leading to session hijacking, credential theft, or unauthorized actions performed with the victim's privileges. The vulnerability does not require authentication, increasing its risk profile. No patches or official fixes are currently linked, and no known exploits have been observed in the wild as of the publication date. However, the widespread use of PageLayer in WordPress sites makes this a relevant threat vector. The lack of a CVSS score necessitates an assessment based on impact and exploitability factors.

The impact of CVE-2025-24573 can be significant for organizations using Softaculous PageLayer on their websites. Successful exploitation can compromise user confidentiality by stealing cookies, session tokens, or other sensitive data accessible via the browser. It can also affect integrity by enabling attackers to perform unauthorized actions on behalf of users, such as changing account settings or injecting malicious content. Availability is less directly impacted but could be affected if attackers use the vulnerability to deliver malware or conduct phishing campaigns. Since the vulnerability is client-side and does not require authentication, it can be exploited by any visitor to a vulnerable site, increasing the attack surface. Organizations with high-traffic websites or those handling sensitive user data are at greater risk. Additionally, reputational damage and regulatory consequences may arise from successful exploitation.

To mitigate CVE-2025-24573, organizations should first monitor for and apply any official patches or updates released by Softaculous for PageLayer beyond version 1.9.4. In the absence of patches, implement strict Content Security Policy (CSP) headers to restrict the execution of unauthorized scripts and reduce the risk of XSS exploitation. Review and sanitize all user inputs and URL parameters that influence client-side scripts, ensuring proper encoding and validation before use in the DOM. Employ security-focused code reviews and use automated tools to detect unsafe DOM manipulations. Additionally, consider disabling or limiting the use of PageLayer on critical sites until a fix is available. Educate developers and administrators about the risks of DOM-based XSS and best practices for secure client-side scripting. Finally, monitor web traffic for unusual activity that may indicate exploitation attempts.