
CVE-2025-47502: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Nick Mollie Forms

Severity: Medium
Tags: Vulnerability, CVE-2025-47502, CWE-79
Published: Wed May 07 2025 (05/07/2025, 14:19:57 UTC)
Source: CVE
Vendor/Project: Nick
Product: Mollie Forms

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nick Mollie Forms allows Stored XSS. This issue affects Mollie Forms: from n/a through 2.7.12.

AI-Powered Analysis

AI analysis last updated: 07/05/2025, 05:57:17 UTC

Technical Analysis

CVE-2025-47502 is a stored Cross-site Scripting (XSS) vulnerability classified under CWE-79, affecting the Nick Mollie Forms plugin up to version 2.7.12. The vulnerability arises from improper neutralization of user-supplied input during web page generation, allowing malicious scripts to be stored and later executed in the context of users viewing the affected forms. This stored XSS can lead to unauthorized actions such as session hijacking, defacement, or redirection to malicious sites. The CVSS v3.1 score is 6.5 (medium severity) with vector AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L, indicating network attack vector, low attack complexity, requiring privileges and user interaction, and impacting confidentiality, integrity, and availability with a scope change. The vulnerability requires an attacker to have some level of privileges (PR:L) and user interaction (UI:R), but once exploited, it can affect multiple users due to the stored nature of the XSS. No known exploits are currently reported in the wild, and no patches are linked yet, suggesting the vulnerability is newly disclosed. Mollie Forms is a WordPress plugin used for creating forms, and improper input sanitization in form fields is the root cause. The vulnerability allows attackers to inject malicious JavaScript payloads that execute when other users or administrators view the compromised form entries or pages, potentially leading to credential theft, privilege escalation, or further compromise of the web application environment.

Potential Impact

For European organizations using the Nick Mollie Forms plugin, this vulnerability poses a significant risk to web application security and user data confidentiality. Stored XSS can lead to session hijacking, unauthorized actions on behalf of users, and potential spread of malware or phishing attacks within the organization or its customers. The compromise of administrative accounts could result in broader system control loss. Given the medium severity and requirement for some privileges and user interaction, the risk is moderate but non-negligible, especially for organizations relying on web forms for customer interaction, data collection, or internal workflows. Data privacy regulations such as GDPR increase the stakes, as exploitation could lead to unauthorized data disclosure and regulatory penalties. The vulnerability could also damage organizational reputation if exploited to deface websites or distribute malicious content. Since no patches are currently available, organizations remain exposed until mitigations or updates are applied.

Mitigation Recommendations

1. Immediate mitigation should include restricting access to form management interfaces to trusted users only, minimizing the number of users with privileges that could be leveraged to inject malicious input.
2. Implement Web Application Firewall (WAF) rules to detect and block common XSS payloads targeting the Mollie Forms plugin.
3. Employ Content Security Policy (CSP) headers to limit the execution of unauthorized scripts on affected pages.
4. Regularly audit and sanitize all user inputs manually or via additional security plugins that enforce strict input validation and output encoding.
5. Monitor logs and user activity for suspicious behavior indicative of XSS exploitation attempts.
6. Stay alert for official patches or updates from the vendor and apply them promptly once released.
7. Educate users and administrators about the risks of clicking on suspicious links or interacting with untrusted content within the forms.
8. Consider temporarily disabling the Mollie Forms plugin if the risk is deemed unacceptable and no immediate patch is available.


Technical Details

Data Version: 5.1
Assigner Short Name: Patchstack
Date Reserved: 2025-05-07T09:39:23.016Z
CISA Enriched: true
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 682d9818c4522896dcbd8404

Added to database: 5/21/2025, 9:08:40 AM

Last enriched: 7/5/2025, 5:57:17 AM

Last updated: 8/8/2025, 1:51:12 AM
