CVE-2025-62968 is a stored Cross-site Scripting (XSS) vulnerability identified in the WordPress plugin WP Last Modified Info developed by Sayan Datta. This plugin, which displays the last modified date of posts or pages, improperly neutralizes user-supplied input during the generation of web pages, allowing an attacker to inject malicious JavaScript code that is stored persistently. The vulnerability affects all versions up to and including 1.9.2. Exploitation requires the attacker to have at least low-level privileges (PR:L) and user interaction (UI:R), such as tricking an administrator or editor into viewing a crafted page or post. The attack vector is remote (AV:N), and the vulnerability has a scope change (S:C), meaning the impact extends beyond the vulnerable component. The CVSS v3.1 base score is 6.5, indicating medium severity, with partial impacts on confidentiality, integrity, and availability. While no known exploits are currently reported in the wild, the vulnerability poses a risk of session hijacking, defacement, or redirection to malicious sites. The lack of an official patch at the time of publication necessitates immediate attention from site administrators. The vulnerability is particularly relevant for WordPress sites that use this plugin to display modification info, especially those with multiple users or public-facing content where attackers can inject payloads that affect visitors or administrators.

For European organizations, the impact of CVE-2025-62968 can be significant, especially for those relying on WordPress for their web presence and using the WP Last Modified Info plugin. Successful exploitation can lead to theft of user credentials, session tokens, or other sensitive information, enabling further compromise of the website or internal systems. It can also facilitate website defacement, damage brand reputation, and lead to loss of customer trust. The partial availability impact may cause disruptions in website functionality or user experience. Given the medium severity and requirement for user interaction, the threat is more pronounced in environments with multiple users or where attackers can socially engineer users into triggering the payload. European organizations in sectors such as e-commerce, media, education, and government, which often use WordPress extensively, may face increased risk. Additionally, regulatory frameworks like GDPR impose strict requirements on protecting user data, and exploitation of this vulnerability could lead to compliance violations and fines.

1. Monitor official channels and the plugin developer for security updates and apply patches immediately once available. 2. Until a patch is released, consider disabling or removing the WP Last Modified Info plugin if it is not essential. 3. Restrict plugin management and content editing permissions to trusted users only, minimizing the risk of malicious input injection. 4. Implement a Web Application Firewall (WAF) with robust XSS detection and prevention capabilities to block malicious payloads targeting this vulnerability. 5. Conduct regular security audits and code reviews of WordPress plugins and themes to identify and remediate unsafe input handling. 6. Educate administrators and content editors about the risks of clicking on suspicious links or opening untrusted content that could trigger stored XSS. 7. Employ Content Security Policy (CSP) headers to reduce the impact of injected scripts by restricting script execution sources. 8. Use security plugins that scan for known vulnerabilities and suspicious activity related to XSS attacks. 9. Maintain regular backups of website data to enable quick recovery in case of compromise.