Skip to main content

CVE-2025-5536: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in rsemeteys Freemind Viewer

Medium
VulnerabilityCVE-2025-5536cvecve-2025-5536cwe-79
Published: Fri Jun 06 2025 (06/06/2025, 06:42:51 UTC)
Source: CVE Database V5
Vendor/Project: rsemeteys
Product: Freemind Viewer

Description

The Freemind Viewer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'freemind' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

AI-Powered Analysis

AILast updated: 07/07/2025, 17:55:59 UTC

Technical Analysis

CVE-2025-5536 is a stored Cross-Site Scripting (XSS) vulnerability affecting the Freemind Viewer plugin for WordPress, developed by rsemeteys. This vulnerability exists in all versions up to and including 1.0 of the plugin. The root cause is insufficient input sanitization and output escaping on user-supplied attributes within the plugin's 'freemind' shortcode. Authenticated users with contributor-level access or higher can exploit this flaw by injecting arbitrary malicious scripts into pages. These scripts are then stored and executed whenever any user accesses the compromised page, potentially leading to session hijacking, defacement, or redirection to malicious sites. The vulnerability has a CVSS v3.1 base score of 6.4, indicating a medium severity level. The attack vector is network-based (remote), requires low attack complexity, and privileges at the level of an authenticated contributor. No user interaction is needed for the exploit to succeed once the malicious script is injected. The scope is changed, meaning the vulnerability can affect resources beyond the initially compromised component, such as other users viewing the injected content. No known exploits are currently reported in the wild, and no patches have been linked yet. This vulnerability falls under CWE-79, which relates to improper neutralization of input during web page generation, a common cause of XSS issues.

Potential Impact

For European organizations using WordPress sites with the Freemind Viewer plugin, this vulnerability poses a significant risk to the confidentiality and integrity of user sessions and data. Attackers with contributor-level access can inject malicious scripts that execute in the browsers of site visitors, potentially stealing authentication cookies, performing actions on behalf of users, or delivering malware. This can lead to unauthorized access, data breaches, reputational damage, and compliance violations under regulations like GDPR. Since the vulnerability does not require user interaction beyond visiting a compromised page, the risk of widespread exploitation is higher. The medium CVSS score reflects that while the attack requires some privilege, the impact on confidentiality and integrity is notable. Availability is not affected. European organizations with public-facing WordPress sites that allow contributor-level access to multiple users are particularly at risk. The stored nature of the XSS means the malicious payload persists, increasing exposure over time.

Mitigation Recommendations

European organizations should immediately audit their WordPress installations to identify the presence of the Freemind Viewer plugin and verify its version. Until an official patch is released, organizations should consider disabling or removing the plugin to eliminate the attack surface. Restrict contributor-level access strictly to trusted users and review user roles to minimize the number of users who can inject content. Implement Web Application Firewall (WAF) rules that detect and block suspicious script injections in the 'freemind' shortcode parameters. Employ Content Security Policy (CSP) headers to restrict the execution of unauthorized scripts on affected sites. Regularly monitor site content for unexpected script tags or changes. Educate content contributors about the risks of injecting untrusted content. Once a patch is available, apply it promptly. Additionally, conduct penetration testing focused on XSS vulnerabilities to ensure no other similar issues exist.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
Wordfence
Date Reserved
2025-06-03T15:09:24.613Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 68429199182aa0cae20492e7

Added to database: 6/6/2025, 6:58:33 AM

Last enriched: 7/7/2025, 5:55:59 PM

Last updated: 8/6/2025, 5:13:21 PM

Views: 20

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats