CVE-2025-3919: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in webtoffee WordPress Comments Import & Export
The WordPress Comments Import & Export plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_settings function in all versions up to, and including, 2.4.3. Additionally, the plugin fails to properly sanitize and escape FTP settings parameters. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts on the plugin settings page that will execute whenever an administrative user accesses an injected page. The vulnerability was partially fixed in version 2.4.3 and fully fixed in version 2.4.4.
AI Analysis
Technical Summary
CVE-2025-3919 is a stored cross-site scripting vulnerability (CWE-79) in the WordPress Comments Import & Export plugin by webtoffee. Two defects combine. First, the save_settings function performs no capability check, so any authenticated user who can reach the handler can write the plugin's settings. Second, the FTP settings parameters are neither sanitized on input nor escaped when the settings page renders them. An attacker with a Subscriber-level account can therefore store a script payload in the FTP settings, and it runs in the browser of any administrator who later opens the plugin settings page, with that administrator's session cookies and capabilities. From there the script can change plugin configuration and do anything else an admin session can do through the WordPress UI or REST API. All versions up to and including 2.4.3 are affected; 2.4.3 contained a partial fix and 2.4.4 the complete one. The CVSS v3.1 base score is 6.4 (medium): network attack vector, low attack complexity, low privileges required, no user interaction. A 6.4 with those metrics corresponds to a changed-scope vector with low confidentiality and integrity impact and no availability impact, consistent with an XSS that crosses from a low-privileged user into an admin session. The UI:N rating reflects that the attacker needs nothing from the victim beyond an administrator's routine visit to the settings page; until that visit happens the payload simply sits in the stored setting. No exploitation in the wild has been reported.
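The following is an added illustration of the bug class described above, written for this page; it is not the plugin's own code and the hook, option and field names (demo_ftp_settings, ftp_host, ftp_user, demo_save_ftp_settings) are assumptions. It puts a hypothetical settings handler with both defects (no capability check on save, FTP fields stored and echoed unsanitized and unescaped) next to a hardened version, and runs a constructed payload through each. Minimal stand-ins for the WordPress functions are included so the file also runs under plain php outside WordPress; inside WordPress the real functions are used and the stand-ins are skipped.

```php
<?php
// Added illustration, not the plugin's code: a hypothetical WordPress settings
// handler with the two defects described for CVE-2025-3919 (no capability check
// on save, FTP fields stored and echoed without sanitizing or escaping) next to a
// hardened version. Hook, option and field names are assumptions.

// Minimal stand-ins so this file also runs under plain `php` outside WordPress.
// Inside WordPress these functions already exist and this block is skipped.
// The stand-ins are simplified (the real sanitize_text_field does more).
if (!function_exists('current_user_can')) {
    $GLOBALS['demo_caps']    = ['read' => true];   // a Subscriber: 'read' only
    $GLOBALS['demo_options'] = [];
    function current_user_can(string $cap): bool { return !empty($GLOBALS['demo_caps'][$cap]); }
    function check_admin_referer(string $action): bool { return true; } // nonce assumed valid
    function update_option(string $k, $v): bool { $GLOBALS['demo_options'][$k] = $v; return true; }
    function get_option(string $k, $default = []) { return $GLOBALS['demo_options'][$k] ?? $default; }
    function sanitize_text_field($s): string { return trim(strip_tags((string) $s)); }
    function esc_attr($s): string { return htmlspecialchars((string) $s, ENT_QUOTES | ENT_HTML5, 'UTF-8'); }
    function wp_die(string $msg): void { throw new RuntimeException($msg); }
}

const DEMO_OPTION = 'demo_ftp_settings';   // assumed option name

// VULNERABLE save handler: no current_user_can() check, so any authenticated
// user who can reach the handler overwrites the option, and the raw POST values
// are stored verbatim.
function vulnerable_save_settings(array $post): void
{
    update_option(DEMO_OPTION, [
        'ftp_host' => $post['ftp_host'] ?? '',
        'ftp_user' => $post['ftp_user'] ?? '',
    ]);
}

// VULNERABLE render: the stored value is echoed straight into an attribute on
// the admin-only settings page, so it executes in the administrator's session.
function vulnerable_render_field(): string
{
    $s = get_option(DEMO_OPTION);
    return '<input name="ftp_host" value="' . ($s['ftp_host'] ?? '') . '">';
}

// HARDENED save handler: authorization first (a valid nonce is not
// authorization; a Subscriber can obtain one), then sanitize on the way in.
function hardened_save_settings(array $post): void
{
    if (!current_user_can('manage_options')) {
        wp_die('Insufficient permissions');
    }
    check_admin_referer('demo_save_ftp_settings');
    update_option(DEMO_OPTION, [
        'ftp_host' => sanitize_text_field($post['ftp_host'] ?? ''),
        'ftp_user' => sanitize_text_field($post['ftp_user'] ?? ''),
    ]);
}

// HARDENED render: escape on the way out. This is the control that actually
// blocks attribute injection; tag stripping on input alone would not.
function hardened_render_field(): string
{
    $s = get_option(DEMO_OPTION);
    return '<input name="ftp_host" value="' . esc_attr($s['ftp_host'] ?? '') . '">';
}

// Constructed payload: no <script> tag, so tag stripping does not touch it; it
// closes the value attribute and adds an event handler instead.
$payload = ['ftp_host' => '" autofocus onfocus="alert(document.cookie)', 'ftp_user' => 'bob'];

vulnerable_save_settings($payload);                  // Subscriber succeeds
echo 'vulnerable: ', vulnerable_render_field(), PHP_EOL;
// <input name="ftp_host" value="" autofocus onfocus="alert(document.cookie)">

try {
    hardened_save_settings($payload);                // Subscriber is rejected
} catch (RuntimeException $e) {
    echo 'hardened as Subscriber: ', $e->getMessage(), PHP_EOL;
}

if (isset($GLOBALS['demo_caps'])) {                  // demo only: promote to admin
    $GLOBALS['demo_caps']['manage_options'] = true;
    hardened_save_settings($payload);
    echo 'hardened as admin: ', hardened_render_field(), PHP_EOL;
    // <input name="ftp_host" value="&quot; autofocus onfocus=&quot;alert(document.cookie)">
}
```

In a real plugin the save handler would be registered with add_action('admin_post_demo_save_ftp_settings', ...) or the wp_ajax_ equivalent; both hooks fire for every logged-in user, which is why the capability check inside the handler is the only authorization that exists and why hiding the settings page from low-privileged roles does nothing for this bug class. The payload is chosen to show that sanitize-on-input by itself is not enough: it contains no tag, survives tag stripping, and is only neutralized by attribute escaping at render time.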
Potential Impact
An attacker with any authenticated account, Subscriber or higher, can store a script that runs in an administrator's browser the next time the plugin settings page is opened. With the admin session in hand, the script can change plugin configuration, alter or exfiltrate data the administrator can reach, or escalate privileges outright (for example by creating a new administrator account through the admin UI or REST API), leading to persistent compromise of the site. The attack is remote and needs only low privileges, so the risk is highest on sites with open registration or many low-privileged users. Organizations relying on this plugin for comment management face unauthorized configuration changes, data integrity issues and chained follow-on attacks. Availability is not directly affected; the confidentiality and integrity of administrative operations are.
Mitigation Recommendations
Upgrade the WordPress Comments Import & Export plugin to version 2.4.4 or later; 2.4.3 addressed the issue only partially. Until the update is applied, reduce the pool of accounts that can trigger the bug rather than trying to hide the settings page: the missing check is on the save handler, which a Subscriber can reach without ever seeing the admin page, so disable open registration ("Anyone can register" under Settings > General) and disable or remove accounts that do not need to log in. Enforce least privilege on the remaining roles and review user accounts regularly. After updating, inspect the plugin's stored FTP settings for injected markup, since a fix to escaping does not necessarily remove values that were already saved. A WAF rule that rejects markup or event-handler strings in the plugin's FTP settings parameters can block obvious payloads but is a stopgap, not a fix. Keep following vendor and WordPress security advisories for this and other installed plugins.
Affected Countries
United States, United Kingdom, Germany, France, Canada, Australia, India, Brazil, Japan, Netherlands
Technical Details
- Data Version: 5.1
- Assigner Short Name: Wordfence
- Date Reserved: 2025-04-24T12:14:07.599Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 683ee1eb182aa0cae27396a6
Added to database: 6/3/2025, 11:52:11 AM
Last enriched: 2/27/2026, 2:03:28 PM
Last updated: 3/22/2026, 3:00:57 PM