CVE-2025-58612 is a Stored Cross-Site Scripting (XSS) vulnerability identified in the Property Hive plugin, a property management and real estate listing tool commonly used on WordPress websites. The vulnerability arises due to improper neutralization of input during web page generation, classified under CWE-79. This means that malicious input submitted by an attacker is not properly sanitized or encoded before being stored and later rendered in the web interface, allowing the injection of arbitrary JavaScript code. When a victim user views the affected page, the malicious script executes in their browser context, potentially leading to session hijacking, credential theft, or unauthorized actions performed on behalf of the user. The vulnerability affects Property Hive versions up to and including 2.1.5, with no specific earliest affected version identified. The CVSS 3.1 base score is 6.5 (medium severity), with vector AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L indicating that the vulnerability is remotely exploitable over the network with low attack complexity, requires low privileges and user interaction, and impacts confidentiality, integrity, and availability with limited scope. No public exploits are known at this time, and no patches have been linked yet. The vulnerability's impact is significant in environments where Property Hive is used to manage property listings and user interactions, as attackers could leverage stored XSS to compromise site visitors or administrators. Stored XSS is particularly dangerous because the malicious payload persists on the server and affects multiple users, increasing the attack surface and potential damage. Given the plugin's integration with WordPress, a widely used CMS, the vulnerability could be leveraged in targeted attacks against real estate agencies or property management firms using this software.

For European organizations, especially real estate agencies, property management companies, and related service providers using the Property Hive plugin, this vulnerability poses a risk of client-side compromise through malicious script execution. Attackers could steal session cookies, perform actions on behalf of authenticated users, or redirect users to phishing sites, undermining trust and potentially leading to data breaches involving personal and financial information. The compromise of administrative accounts could lead to unauthorized modification or deletion of property listings, reputational damage, and regulatory non-compliance, particularly under GDPR requirements for protecting personal data. Additionally, the availability of the service could be impacted if attackers inject scripts that disrupt normal site functionality. The medium severity rating suggests a moderate but non-trivial risk, especially since exploitation requires user interaction and low privileges, which may limit mass exploitation but still allows targeted attacks. The lack of known exploits in the wild currently reduces immediate risk, but organizations should act proactively to prevent exploitation.

European organizations should immediately audit their use of the Property Hive plugin and identify affected versions (up to 2.1.5). Until an official patch is released, implement the following mitigations: 1) Apply strict input validation and output encoding on all user-supplied data fields related to property listings and user comments to neutralize potentially malicious scripts. 2) Employ Content Security Policy (CSP) headers to restrict the execution of unauthorized scripts in browsers. 3) Limit user privileges to the minimum necessary, especially for users who can submit or edit content that is rendered on public pages. 4) Monitor web application logs for unusual input patterns or script injection attempts. 5) Educate users and administrators about the risks of clicking on suspicious links or interacting with untrusted content. 6) Regularly back up website data to enable recovery in case of compromise. 7) Once available, promptly apply official patches or updates from the Property Hive vendor. 8) Consider deploying Web Application Firewalls (WAFs) with rules to detect and block XSS payloads targeting Property Hive endpoints.