Skip to main content

CVE-2025-4775: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in dcooney WordPress Infinite Scroll – Ajax Load More

Medium
VulnerabilityCVE-2025-4775cvecve-2025-4775cwe-79
Published: Tue Jun 17 2025 (06/17/2025, 01:44:10 UTC)
Source: CVE Database V5
Vendor/Project: dcooney
Product: WordPress Infinite Scroll – Ajax Load More

Description

The WordPress Infinite Scroll – Ajax Load More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-button-label HTML attribute in all versions up to, and including, 7.4.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

AI-Powered Analysis

AILast updated: 06/17/2025, 02:20:33 UTC

Technical Analysis

CVE-2025-4775 is a stored Cross-Site Scripting (XSS) vulnerability affecting the WordPress Infinite Scroll – Ajax Load More plugin developed by dcooney. This plugin is widely used to implement infinite scrolling functionality on WordPress sites, allowing content to load dynamically as users scroll down a page. The vulnerability arises from improper neutralization of input during web page generation, specifically via the data-button-label HTML attribute. Versions up to and including 7.4.0.1 are affected, with no patch currently available. The root cause is insufficient input sanitization and output escaping, which allows authenticated users with Contributor-level privileges or higher to inject arbitrary JavaScript code into pages. Because the malicious script is stored persistently, it executes whenever any user accesses the compromised page, potentially affecting all visitors. The CVSS 3.1 base score is 6.4 (medium severity), with the vector indicating network attack vector (AV:N), low attack complexity (AC:L), requiring privileges (PR:L), no user interaction (UI:N), scope changed (S:C), and low impact on confidentiality and integrity (C:L/I:L), with no impact on availability (A:N). The scope change indicates that the vulnerability affects resources beyond the initially vulnerable component, increasing the potential impact. No known exploits are currently reported in the wild. This vulnerability is classified under CWE-79, which covers improper neutralization of input leading to XSS attacks. The exploitation requires authenticated access with at least Contributor privileges, which is a moderate barrier but feasible in many WordPress environments where multiple users have such roles. Once exploited, attackers can execute arbitrary scripts in the context of the affected site, potentially leading to session hijacking, defacement, or distribution of malware.

Potential Impact

For European organizations using WordPress sites with the Infinite Scroll – Ajax Load More plugin, this vulnerability poses a significant risk to website integrity and user trust. The ability for authenticated contributors to inject persistent malicious scripts can lead to unauthorized actions such as stealing user credentials, session tokens, or performing actions on behalf of users. This can result in data breaches, defacement of public-facing websites, and damage to brand reputation. Organizations in sectors like e-commerce, media, government, and education, which often rely on WordPress for content management and have multiple contributors, are particularly at risk. The scope change in the vulnerability means that the impact can extend beyond the plugin itself, potentially affecting other components or user sessions. Although no availability impact is noted, the confidentiality and integrity impacts can lead to regulatory compliance issues under GDPR if personal data is compromised. The requirement for Contributor-level access limits the risk from anonymous attackers but does not eliminate it, especially in environments with many contributors or weak internal access controls. The lack of known exploits in the wild suggests that immediate widespread attacks are unlikely, but the medium severity and ease of exploitation by insiders or compromised accounts warrant prompt attention.

Mitigation Recommendations

European organizations should implement the following specific mitigation steps: 1) Immediately audit WordPress installations to identify the presence and version of the Infinite Scroll – Ajax Load More plugin. 2) Restrict Contributor-level privileges strictly to trusted users and review user roles to minimize the number of users with such access. 3) Implement Web Application Firewall (WAF) rules tailored to detect and block suspicious payloads targeting the data-button-label attribute or typical XSS patterns in HTTP requests. 4) Employ Content Security Policy (CSP) headers to restrict the execution of unauthorized scripts on affected sites, mitigating the impact of injected scripts. 5) Monitor logs and user activities for unusual behavior indicative of exploitation attempts, such as unexpected changes to page content or injection patterns. 6) Since no patch is currently available, consider temporarily disabling or replacing the plugin with alternative infinite scroll solutions that have been verified secure. 7) Educate content contributors about the risks of injecting untrusted content and enforce input validation on all user-generated content. 8) Prepare incident response plans to quickly address any detected exploitation. These measures go beyond generic advice by focusing on role management, WAF tuning, CSP implementation, and proactive monitoring tailored to this specific vulnerability.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
Wordfence
Date Reserved
2025-05-15T13:49:53.891Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 6850cd28a8c921274384f3aa

Added to database: 6/17/2025, 2:04:24 AM

Last enriched: 6/17/2025, 2:20:33 AM

Last updated: 8/15/2025, 3:15:48 AM

Views: 15

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats