CVE-2025-5678: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in britner Gutenberg Blocks with AI by Kadence WP – Page Builder Features
The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘redirectURL’ parameter in all versions up to, and including, 3.5.10 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
AI Analysis
Technical Summary
CVE-2025-5678 is a stored Cross-Site Scripting (XSS) vulnerability identified in the 'Gutenberg Blocks with AI by Kadence WP – Page Builder Features' WordPress plugin, affecting all versions up to and including 3.5.10. The vulnerability arises from improper neutralization of input during web page generation, specifically through the 'redirectURL' parameter. Due to insufficient input sanitization and output escaping, authenticated users with Contributor-level privileges or higher can inject arbitrary malicious scripts into pages. These scripts execute whenever any user accesses the compromised page, potentially leading to session hijacking, defacement, or further exploitation within the affected WordPress site. The vulnerability has a CVSS v3.1 base score of 6.4, categorized as medium severity, with an attack vector of network (remote), low attack complexity, requiring privileges (Contributor or above), no user interaction, and a scope change indicating that the vulnerability can affect components beyond the initially vulnerable plugin. Although no known exploits are currently reported in the wild, the vulnerability poses a significant risk given the widespread use of WordPress and the popularity of the Kadence WP plugin suite. The stored nature of the XSS means the malicious payload persists on the server, increasing the risk of repeated exploitation.
Potential Impact
For European organizations, this vulnerability can lead to unauthorized script execution within their WordPress-based websites, which are commonly used for corporate, governmental, and e-commerce portals. The exploitation could result in data theft, including user credentials and personal information, undermining GDPR compliance and potentially causing legal and reputational damage. Additionally, attackers could leverage the vulnerability to perform phishing attacks, deface websites, or pivot to other internal systems if further vulnerabilities exist. Given the Contributor-level access requirement, insider threats or compromised accounts could facilitate exploitation. The scope change in the CVSS vector indicates that the impact could extend beyond the plugin itself, potentially affecting other components or user sessions. This is particularly critical for European organizations that rely heavily on WordPress for public-facing and internal web applications, making them susceptible to service disruption and data breaches.
Mitigation Recommendations
European organizations should promptly update the 'Gutenberg Blocks with AI by Kadence WP – Page Builder Features' plugin to a patched version once available. Until a patch is released, administrators should restrict Contributor-level access strictly to trusted users and review existing Contributor accounts for suspicious activity. Implementing Web Application Firewalls (WAFs) with custom rules to detect and block malicious payloads targeting the 'redirectURL' parameter can provide temporary protection. Additionally, organizations should conduct thorough input validation and output encoding on all user-supplied data within their WordPress environment, possibly employing security plugins that enhance sanitization. Regular security audits and monitoring for unusual page content changes or script injections are recommended. Employing Content Security Policy (CSP) headers can help mitigate the impact of XSS by restricting script execution sources. Finally, educating content contributors about secure content practices and monitoring for privilege escalation attempts will reduce the risk of exploitation.
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Poland, Sweden
CVE-2025-5678: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in britner Gutenberg Blocks with AI by Kadence WP – Page Builder Features
Description
The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘redirectURL’ parameter in all versions up to, and including, 3.5.10 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
AI-Powered Analysis
Technical Analysis
CVE-2025-5678 is a stored Cross-Site Scripting (XSS) vulnerability identified in the 'Gutenberg Blocks with AI by Kadence WP – Page Builder Features' WordPress plugin, affecting all versions up to and including 3.5.10. The vulnerability arises from improper neutralization of input during web page generation, specifically through the 'redirectURL' parameter. Due to insufficient input sanitization and output escaping, authenticated users with Contributor-level privileges or higher can inject arbitrary malicious scripts into pages. These scripts execute whenever any user accesses the compromised page, potentially leading to session hijacking, defacement, or further exploitation within the affected WordPress site. The vulnerability has a CVSS v3.1 base score of 6.4, categorized as medium severity, with an attack vector of network (remote), low attack complexity, requiring privileges (Contributor or above), no user interaction, and a scope change indicating that the vulnerability can affect components beyond the initially vulnerable plugin. Although no known exploits are currently reported in the wild, the vulnerability poses a significant risk given the widespread use of WordPress and the popularity of the Kadence WP plugin suite. The stored nature of the XSS means the malicious payload persists on the server, increasing the risk of repeated exploitation.
Potential Impact
For European organizations, this vulnerability can lead to unauthorized script execution within their WordPress-based websites, which are commonly used for corporate, governmental, and e-commerce portals. The exploitation could result in data theft, including user credentials and personal information, undermining GDPR compliance and potentially causing legal and reputational damage. Additionally, attackers could leverage the vulnerability to perform phishing attacks, deface websites, or pivot to other internal systems if further vulnerabilities exist. Given the Contributor-level access requirement, insider threats or compromised accounts could facilitate exploitation. The scope change in the CVSS vector indicates that the impact could extend beyond the plugin itself, potentially affecting other components or user sessions. This is particularly critical for European organizations that rely heavily on WordPress for public-facing and internal web applications, making them susceptible to service disruption and data breaches.
Mitigation Recommendations
European organizations should promptly update the 'Gutenberg Blocks with AI by Kadence WP – Page Builder Features' plugin to a patched version once available. Until a patch is released, administrators should restrict Contributor-level access strictly to trusted users and review existing Contributor accounts for suspicious activity. Implementing Web Application Firewalls (WAFs) with custom rules to detect and block malicious payloads targeting the 'redirectURL' parameter can provide temporary protection. Additionally, organizations should conduct thorough input validation and output encoding on all user-supplied data within their WordPress environment, possibly employing security plugins that enhance sanitization. Regular security audits and monitoring for unusual page content changes or script injections are recommended. Employing Content Security Policy (CSP) headers can help mitigate the impact of XSS by restricting script execution sources. Finally, educating content contributors about secure content practices and monitoring for privilege escalation attempts will reduce the risk of exploitation.
Affected Countries
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Wordfence
- Date Reserved
- 2025-06-04T13:10:33.373Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 686dcbd66f40f0eb72fd7834
Added to database: 7/9/2025, 1:54:30 AM
Last enriched: 7/9/2025, 2:09:41 AM
Last updated: 7/9/2025, 3:20:37 AM
Views: 3
Related Threats
CVE-2025-3499: CWE-78: Improper Neutralization of Special Elements used in an OS Command (’OS Command Injection’) in Radiflow iSAP Smart Collector
CriticalCVE-2025-3498: CWE-306: Missing Authentication for Critical Function in Radiflow iSAP Smart Collector
CriticalCVE-2025-27028: CWE-266: Incorrect Privilege Assignment in Radiflow iSAP Smart Collector
MediumCVE-2025-27027: CWE-653 Improper Isolation or Compartmentalization in Radiflow iSAP Smart Collector
MediumCVE-2025-7379: CWE-352 Cross-Site Request Forgery (CSRF) in ASUSTOR ADM
MediumActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.