CVE-2025-5843 is a stored Cross-Site Scripting (XSS) vulnerability classified under CWE-79, found in the Brandfolder plugin for WordPress, a digital asset management tool. The vulnerability exists due to insufficient sanitization and escaping of the 'id' parameter in all versions up to and including 5.0.19. Authenticated users with Contributor-level privileges or higher can exploit this flaw by injecting arbitrary JavaScript code into pages generated by the plugin. Because the malicious script is stored persistently, it executes whenever any user accesses the infected page, potentially compromising user sessions, stealing credentials, or performing unauthorized actions on behalf of users. The vulnerability does not require user interaction beyond page access and has a CVSS v3.1 score of 6.4, reflecting medium severity. The attack vector is network-based, with low attack complexity and privileges required at the contributor level. The scope is changed as the vulnerability affects multiple users and potentially the entire site. No patches or official fixes are currently linked, and no known exploits have been reported in the wild. This vulnerability highlights the importance of proper input validation and output encoding in web applications, especially in plugins that handle user-generated content or parameters.

The primary impact of CVE-2025-5843 is the compromise of confidentiality and integrity within affected WordPress sites using the Brandfolder plugin. Attackers with contributor-level access can inject malicious scripts that execute in the context of other users, potentially leading to session hijacking, theft of sensitive information, unauthorized actions, and defacement. This can erode user trust, damage brand reputation, and lead to data breaches. Since the vulnerability affects a digital asset management plugin, organizations relying on Brandfolder to manage and share critical media assets may face operational disruptions and intellectual property exposure. The medium CVSS score indicates a significant but not critical risk; however, the ease of exploitation by authenticated users and the persistent nature of stored XSS increase the threat. The lack of known exploits in the wild suggests limited current active targeting, but the vulnerability remains a viable attack vector for insider threats or compromised contributor accounts. Organizations worldwide using WordPress with Brandfolder are at risk, especially those with multiple contributors and public-facing content.

To mitigate CVE-2025-5843, organizations should first check for any official patches or updates from Brandfolder and apply them immediately once available. In the absence of patches, administrators should restrict contributor-level access to trusted users only and review existing contributor accounts for suspicious activity. Implementing Web Application Firewalls (WAFs) with rules to detect and block common XSS payloads targeting the 'id' parameter can reduce risk. Additionally, site administrators can sanitize and validate input parameters at the application level, employing strict whitelisting of allowed characters for the 'id' parameter. Employing Content Security Policy (CSP) headers can help mitigate the impact of injected scripts by restricting script execution sources. Regular security audits and monitoring for unusual script injections or page modifications are recommended. Educating contributors about safe content practices and the risks of injecting untrusted code is also beneficial. Finally, consider isolating or limiting the use of the Brandfolder plugin if immediate remediation is not feasible.