CVE-2025-5275: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in smub Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More
The Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the privacy settings fields in all versions up to, and including, 1.8.6.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. This issue was partially fixed in version 1.8.6.1 and fully fixed in version 1.8.6.2.
AI Analysis
Technical Summary
CVE-2025-5275 is a stored Cross-Site Scripting (XSS) vulnerability identified in the Charitable – Donation Plugin for WordPress, specifically versions up to and including 1.8.6.1. This plugin is used for managing fundraising campaigns with recurring donations. The vulnerability arises from improper neutralization of input during web page generation (CWE-79), particularly in the privacy settings fields. Due to insufficient input sanitization and output escaping, an authenticated attacker with administrator-level privileges can inject arbitrary malicious scripts into pages. These scripts execute whenever any user accesses the compromised page. The vulnerability only matters on multi-site WordPress installations and on installations where the unfiltered_html capability has been disabled: in those configurations administrators are not permitted to publish unfiltered HTML, so a settings field that stores and echoes their input without sanitization or escaping bypasses the restriction the capability system is meant to enforce. The issue was partially addressed in version 1.8.6.1 and fully remediated in version 1.8.6.2. The CVSS v3.1 base score is 4.4 (medium severity), reflecting that exploitation requires high privileges (administrator access), no user interaction is needed, and the attack vector is network-based. The impact primarily affects confidentiality and integrity, with no direct availability impact. No known exploits are currently reported in the wild. This vulnerability highlights the risks associated with insufficient input validation in plugins that handle user-generated content, especially in administrative contexts within WordPress multi-site environments.
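The following is an added illustration and is not code from the Charitable plugin or from this record. It shows, in a hypothetical plugin settings field, the two defects the advisory names (no sanitization on save, no escaping on output) next to a hardened form built on WordPress core helpers (register_setting with a sanitize_callback, wp_kses_post, sanitize_text_field, esc_attr). The option name, hook callbacks and every charitable_demo_* function name are assumptions made for the example.

```php
<?php
// Added example, not the plugin's code. Option and function names are hypothetical.

// --- Vulnerable pattern ----------------------------------------------------
// The submitted value is stored as-is and later printed verbatim into the page.
function charitable_demo_save_privacy_text_vulnerable() {
    if ( ! current_user_can( 'manage_options' ) ) {
        return;
    }
    check_admin_referer( 'charitable_demo_privacy' );
    // No sanitization: any markup in the value is persisted unchanged.
    update_option( 'charitable_demo_privacy_text', wp_unslash( $_POST['privacy_text'] ?? '' ) );
}

function charitable_demo_render_privacy_text_vulnerable() {
    // No output escaping: whatever was stored is emitted straight into the HTML,
    // so an admin without unfiltered_html can still get script into the page.
    echo '<div class="privacy-notice">' . get_option( 'charitable_demo_privacy_text', '' ) . '</div>';
}

// --- Hardened pattern ------------------------------------------------------
// Sanitize on save through the Settings API, honouring unfiltered_html the way
// core does: holders of the capability keep post-safe markup via wp_kses_post()
// (script tags and event handlers are removed); everyone else gets plain text.
function charitable_demo_sanitize_privacy_text( $raw ) {
    $raw = (string) $raw;
    return current_user_can( 'unfiltered_html' )
        ? wp_kses_post( $raw )
        : sanitize_text_field( $raw );
}

add_action( 'admin_init', function () {
    register_setting(
        'charitable_demo_options',          // hypothetical option group
        'charitable_demo_privacy_text',     // hypothetical option name
        array(
            'type'              => 'string',
            'sanitize_callback' => 'charitable_demo_sanitize_privacy_text',
            'default'           => '',
        )
    );
} );

function charitable_demo_render_privacy_text_hardened() {
    $text = get_option( 'charitable_demo_privacy_text', '' );
    // Escape again at output time, independent of what reached the database,
    // so a value stored before the fix cannot execute either.
    echo '<div class="privacy-notice">' . wp_kses_post( $text ) . '</div>';
}

function charitable_demo_render_privacy_input_hardened() {
    $text = get_option( 'charitable_demo_privacy_text', '' );
    // Attribute context: esc_attr() is the correct escaper here, not esc_html()
    // or wp_kses_post(), because the value sits inside a quoted attribute.
    echo '<input type="text" name="privacy_text" value="' . esc_attr( $text ) . '">';
}
```

The point of splitting the fix across save and render is that each side guards against the other being bypassed: the sanitize_callback stops markup from being stored by anyone who lacks unfiltered_html, and escaping at output neutralises anything already stored before the sanitizer existed, which is the situation a site upgrading from 1.8.6.1 is in.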
Potential Impact
For European organizations, especially non-profits and charities relying on the Charitable plugin for WordPress to manage donations and fundraising, this vulnerability poses a risk of unauthorized script execution within their administrative and user-facing web pages. Successful exploitation could lead to theft of sensitive information such as session cookies, user credentials, or personal data of donors, potentially violating GDPR requirements. It could also enable attackers to perform actions on behalf of legitimate users, undermining data integrity and trust in the platform. Since the vulnerability requires administrator-level access, the threat is somewhat mitigated by internal access controls; however, insider threats or compromised admin accounts could be leveraged. Multi-site WordPress installations, common in larger organizations or networks of affiliated charities, are particularly at risk. The lack of known exploits suggests limited immediate threat, but the potential for targeted attacks exists. The impact on availability is minimal, but reputational damage and regulatory consequences from data leakage could be significant.
Mitigation Recommendations
- Upgrade the Charitable plugin to version 1.8.6.2 or later, where the vulnerability is fully fixed.
- Restrict administrator-level access strictly to trusted personnel and enforce strong authentication mechanisms such as multi-factor authentication (MFA).
- For multi-site WordPress installations, review and harden privacy settings and input validation configurations to minimize exposure.
- Implement Web Application Firewalls (WAFs) with rules to detect and block suspicious script injection attempts targeting the plugin's privacy settings fields.
- Regularly audit and monitor administrative activities and plugin configurations for unusual changes or suspicious behavior.
- Educate administrators about the risks of XSS vulnerabilities and safe handling of plugin settings.
- If upgrading immediately is not feasible, consider disabling or limiting the use of the affected privacy settings fields in the plugin as a temporary workaround.
- Ensure that the WordPress installation and all plugins follow the principle of least privilege and are kept up to date.
- Conduct periodic security assessments focusing on multi-site WordPress environments to detect similar vulnerabilities.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Belgium, Italy, Spain
Technical Details
- Data Version: 5.1
- Assigner Short Name: Wordfence
- Date Reserved: 2025-05-27T13:37:54.171Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 685cb6e0e230f5b234861d86
Added to database: 6/26/2025, 2:56:32 AM
Last enriched: 6/26/2025, 3:13:06 AM
Last updated: 8/4/2025, 10:39:42 PM
Views: 11
Related Threats
- CVE-2025-55197: CWE-400: Uncontrolled Resource Consumption in py-pdf pypdf (Medium)
- CVE-2025-8929: SQL Injection in code-projects Medical Store Management System (Medium)
- CVE-2025-8928: SQL Injection in code-projects Medical Store Management System (Medium)
- CVE-2025-34154: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Synergetic Data Systems Inc. UnForm Server Manager (Critical)
- CVE-2025-8927: Improper Restriction of Excessive Authentication Attempts in mtons mblog (Medium)