CVE-2025-48250: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in WPFactory Coupons & Add to Cart by URL Links for WooCommerce
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Coupons & Add to Cart by URL Links for WooCommerce allows Stored XSS. This issue affects Coupons & Add to Cart by URL Links for WooCommerce: from n/a through 1.7.7.
AI Analysis
Technical Summary
CVE-2025-48250 is a stored Cross-site Scripting (XSS) vulnerability identified in the WordPress plugin 'Coupons & Add to Cart by URL Links for WooCommerce' developed by WPFactory. This vulnerability arises due to improper neutralization of input during web page generation, classified under CWE-79. Specifically, the plugin fails to adequately sanitize or encode user-supplied input before rendering it on web pages, allowing malicious scripts to be stored and subsequently executed in the context of users' browsers. The affected versions include all versions up to 1.7.7. The CVSS v3.1 base score is 6.5, indicating a medium severity level. The vector string (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L) reveals that exploitation requires network access, low attack complexity, privileges of a logged-in user, and user interaction (such as clicking a crafted link). The vulnerability impacts confidentiality, integrity, and availability to a limited extent but can lead to session hijacking, defacement, or unauthorized actions performed on behalf of users. No public exploits are currently known in the wild, and no patches have been linked yet. The vulnerability is significant because WooCommerce is a widely used e-commerce platform, and this plugin facilitates coupon and cart management via URL links, a feature that may be used by many online stores. Attackers exploiting this vulnerability could inject malicious JavaScript that executes when other users or administrators view affected pages, potentially compromising user accounts or site integrity. The scope is changed (S:C), meaning the vulnerability affects resources beyond the vulnerable component itself, increasing risk. Overall, this vulnerability represents a moderate risk to WooCommerce-based e-commerce sites using this plugin, especially if attackers can lure privileged users into interacting with crafted URLs or content.
Potential Impact
For European organizations operating WooCommerce-based e-commerce websites using the WPFactory Coupons & Add to Cart by URL Links plugin, this vulnerability poses a tangible risk to both customer data and business operations. Successful exploitation could lead to theft of session cookies, enabling attackers to impersonate users or administrators, potentially resulting in unauthorized transactions, data leakage, or site defacement. This undermines customer trust and may lead to regulatory non-compliance under GDPR due to exposure of personal data. The integrity of promotional campaigns and pricing could be compromised, affecting revenue and brand reputation. Additionally, availability impacts, though limited, could disrupt shopping experiences. European e-commerce businesses, especially SMEs relying on WooCommerce plugins for marketing and sales efficiency, may find themselves vulnerable to targeted phishing or social engineering attacks leveraging this flaw. Given the interconnected nature of EU digital markets, a compromised site could also be used as a vector for broader attacks or malware distribution, amplifying the threat landscape.
Mitigation Recommendations
1. Immediate mitigation involves updating the plugin to a patched version once released by WPFactory. Until then, consider disabling or removing the plugin if feasible.
2. Implement strict input validation and output encoding on all user-supplied data within the plugin, particularly for parameters that influence coupon codes or cart URLs.
3. Employ Web Application Firewalls (WAFs) with rules targeting common XSS payloads to detect and block malicious requests.
4. Restrict plugin usage to trusted users only, minimizing the number of accounts with privileges to add or modify coupons or cart URLs.
5. Educate administrators and users about the risks of clicking on untrusted links, especially those related to coupon or cart URLs.
6. Monitor logs for unusual activities or repeated attempts to inject scripts via coupon or cart URL parameters.
7. Use Content Security Policy (CSP) headers to limit the execution of unauthorized scripts on the website.
8. Regularly audit and scan the website for XSS vulnerabilities using automated tools and manual testing.
9. Coordinate with WPFactory for timely updates and security advisories to stay informed about patches and fixes.
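As an added example for recommendation 6 (not code from the advisory or from the plugin), the following scans constructed web-server access-log lines for injection markers in the coupon and cart URL parameters and flags clients that try repeatedly. The parameter names `coupon` and `add-to-cart`, the combined log format and the sample lines are assumptions made for this illustration.

```python
"""Constructed example: flag repeated script-injection attempts against
coupon/cart URL parameters in access logs. Parameter names, log format
and sample lines are assumptions, not taken from the plugin."""
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qsl, unquote_plus

# Assumed names of the URL parameters the plugin reads.
WATCHED_PARAMS = {"coupon", "add-to-cart"}

# Heuristic markers that have no place in a coupon code or product id:
# raw tags, javascript: URLs, inline event handlers, HTML entities.
MARKERS = re.compile(r"<|>|javascript:|\bon\w+\s*=|&#x?[0-9a-f]+;", re.IGNORECASE)

# Apache/Nginx "combined" format: client IP, request line, status code.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample lines (RFC 5737 documentation addresses).
SAMPLE_LOG = """\
203.0.113.5 - - [20/May/2025:10:00:01 +0000] "GET /?coupon=SPRING25&add-to-cart=42 HTTP/1.1" 200 512
203.0.113.9 - - [20/May/2025:10:00:02 +0000] "GET /?coupon=%3Cscript%3E HTTP/1.1" 200 512
203.0.113.9 - - [20/May/2025:10:00:03 +0000] "GET /?coupon=%253Cimg%2520onerror%253Dx%253E HTTP/1.1" 200 512
198.51.100.7 - - [20/May/2025:10:00:04 +0000] "GET /?add-to-cart=42%3Cb%3E HTTP/1.1" 200 512
"""

def suspicious_params(target: str) -> list[tuple[str, str]]:
    """Return (name, decoded value) for watched params that carry injection markers."""
    hits = []
    for name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        if name.lower() not in WATCHED_PARAMS:
            continue
        decoded = unquote_plus(value)  # parse_qsl decoded once; catch double encoding
        if MARKERS.search(decoded):
            hits.append((name, decoded))
    return hits

def scan(lines, threshold: int = 2) -> dict[str, int]:
    """Return {client_ip: attempts} for clients whose attempts reach the threshold."""
    attempts = Counter()
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        attempts[m["ip"]] += len(suspicious_params(m["target"]))
    return {ip: n for ip, n in attempts.items() if n >= threshold}

if __name__ == "__main__":
    for ip, n in scan(SAMPLE_LOG.splitlines()).items():
        print(f"{ip}: {n} injection attempts on coupon/cart parameters")
```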
Affected Countries
Germany, United Kingdom, France, Netherlands, Italy, Spain, Poland, Sweden
Technical Details
- Data Version: 5.1
- Assigner Short Name: Patchstack
- Date Reserved: 2025-05-19T14:13:02.791Z
- Cisa Enriched: true
- Cvss Version: 3.1
- State: PUBLISHED
Threat ID: 682cd0f81484d88663aeb626
Added to database: 5/20/2025, 6:59:04 PM
Last enriched: 7/11/2025, 6:16:55 PM
Last updated: 8/14/2025, 2:20:01 PM