CVE-2025-62968: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Sayan Datta WP Last Modified Info
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sayan Datta WP Last Modified Info wp-last-modified-info allows Stored XSS. This issue affects WP Last Modified Info: from n/a through <= 1.9.2.
AI Analysis
Technical Summary
CVE-2025-62968 is a stored cross-site scripting (XSS) vulnerability in the WordPress plugin WP Last Modified Info (slug wp-last-modified-info) by Sayan Datta. The plugin displays the last-modified date of posts and pages; it fails to neutralize user-controlled input before writing it into generated HTML, so a payload saved through the plugin is later executed in the browser of anyone who views the affected page. All versions up to and including 1.9.2 are affected. The analysis rates the issue at CVSS v3.1 6.5 (medium): network-reachable, low attack complexity, low privileges (an authenticated account), user interaction required (a victim has to load the page), and limited impact on confidentiality, integrity and availability. The scope is changed (S:C) because the injected script runs in the victim's browser rather than in the vulnerable server component, which is the usual scoring for web XSS. Note that the record's Technical Details below do not carry a CVSS version, so confirm the vector against the Patchstack entry before relying on the score. In practice the script can issue requests with the victim's privileges while the page is open (WordPress authentication cookies are HttpOnly by default, so forging actions from inside the page is more likely than stealing the cookie outright), rewrite page content, or, if the victim is an administrator, change settings and install code with that administrator's rights. No exploitation in the wild had been reported as of publication (October 27, 2025). Sites with several authenticated users, or that accept contributor-level content, are most exposed, since a low-privileged account can plant a persistent payload that executes for editors and administrators. This record lists no patch link, so check the plugin's changelog for a release later than 1.9.2 before assuming a fix is available.
Potential Impact
For European organizations the risk is moderate and is concentrated on WordPress sites that run WP Last Modified Info. Successful exploitation lets an attacker run script in other users' sessions: perform actions as them, deface content, or, if the victim is an administrator, reconfigure the site and install plugins or themes with that administrator's rights, compromising sensitive data or disrupting service. Public-facing sites, e-commerce platforms and portals with several authenticated users are most exposed, because they give a low-privileged attacker both a way to store the payload and a pool of higher-privileged victims to view it. The medium rating reflects the authentication and user-interaction requirements set against the limited but real confidentiality, integrity and availability impact. Given how widely WordPress is deployed across Europe, particularly in the larger digital economies, a significant number of sites could be affected if they do not update promptly. A site taken over this way can also be turned into a distribution point for malware or phishing content served to its visitors.
Mitigation Recommendations
1. Track the plugin's changelog and the Patchstack advisory, and update to a release later than 1.9.2 as soon as one is published; this record carries no patch link, so do not assume one already exists.
2. Until then, review how the plugin writes stored values into pages: every value must be escaped for its output context (esc_html() for text, esc_attr() for attributes, wp_kses_post() only where limited markup is intended), and settings must be sanitized on save (sanitize_text_field()) behind a capability check and a nonce.
3. Deploy a Content Security Policy that disallows inline scripts (script-src without 'unsafe-inline', object-src 'none'). Roll it out as Content-Security-Policy-Report-Only first: WordPress core, themes and many plugins emit inline scripts, and an enforced policy can break the site before it stops an attacker.
4. Reduce the number of accounts that can reach the plugin's inputs: keep low-trust users at the lowest role that does their job and review who holds edit_posts or manage_options.
5. Audit installed plugins regularly and remove or replace those that are unused, outdated or no longer maintained.
6. Put a WAF with XSS rules in front of the site, treating it as a compensating control that delays rather than prevents exploitation; encoded and split payloads routinely evade signatures.
7. Brief administrators and editors that a stored payload fires simply by viewing the affected page, so unexpected dashboard behaviour after another user edited content should be reported rather than dismissed.
8. Include stored XSS in periodic assessments and penetration tests, testing with accounts at each privilege level rather than only as administrator.
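To make the escaping advice in item 2 concrete, here is an added example. It is not the plugin's code and not code from the plugin's author: it is a stand-in for a page component that stores a user-supplied display template and renders it, showing the vulnerable pattern, the output-escaped fix, input sanitization as defence in depth, and a parser-based check that the payload no longer executes. The template mechanism, the %date% placeholder, the constant standing in for a stored option, and the payload are all constructed for the demo; the WordPress functions named in the comments (esc_html(), esc_attr(), sanitize_text_field(), current_user_can(), get_the_modified_date()) are the real equivalents of the plain-PHP calls used so that the file runs stand-alone with the php CLI.

```php
<?php
// Added example, not code from WP Last Modified Info or its author. It is a
// minimal stand-in for a plugin that stores an admin-supplied display
// template and echoes it into the page. The template mechanism, the %date%
// placeholder and the payload are all constructed for this demo.
// Run with: php stored_xss_demo.php
declare(strict_types=1);

// Constructed attacker input, as a low-privileged account with access to the
// plugin's settings form might save it.
const ATTACKER_TEMPLATE =
    'Last updated on %date% <img src=x onerror="alert(document.cookie)">';

/** Escape for HTML text or attribute context (WordPress: esc_html() / esc_attr()). */
function esc(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

/** Vulnerable pattern: the stored value is interpolated into HTML unescaped. */
function render_vulnerable(string $template, string $date): string
{
    $text = str_replace('%date%', $date, $template);
    return '<p class="last-modified" title="' . $text . '">' . $text . '</p>';
}

/** Fixed pattern: escape at the point of output, once for each context it enters. */
function render_hardened(string $template, string $date): string
{
    $text = str_replace('%date%', $date, $template);
    return '<p class="last-modified" title="' . esc($text) . '">' . esc($text) . '</p>';
}

/**
 * Defence in depth for the settings save handler: drop markup before storing
 * (WordPress: sanitize_text_field()). The real handler must also verify
 * current_user_can('manage_options') and the form nonce before saving.
 */
function sanitize_template(string $raw): string
{
    return trim(strip_tags($raw));
}

/**
 * Verification helper: parse the rendered fragment and report whether any
 * element is a <script> or carries an on* event-handler attribute. A plain
 * grep for "onerror=" would wrongly flag the escaped output, whose text
 * still contains those characters but no element.
 */
function has_script_vector(string $fragment): bool
{
    $prev = libxml_use_internal_errors(true);
    $doc = new DOMDocument();
    $doc->loadHTML('<!DOCTYPE html><html><body>' . $fragment . '</body></html>', LIBXML_NONET);
    libxml_clear_errors();
    libxml_use_internal_errors($prev);

    foreach ($doc->getElementsByTagName('*') as $el) {
        if (strtolower($el->tagName) === 'script') {
            return true;
        }
        foreach ($el->attributes as $attr) {
            if (stripos($attr->name, 'on') === 0) {
                return true;
            }
        }
    }
    return false;
}

$date = '2025-10-27'; // in WordPress this would come from get_the_modified_date()

$variants = [
    'vulnerable'          => render_vulnerable(ATTACKER_TEMPLATE, $date),
    'escaped on output'   => render_hardened(ATTACKER_TEMPLATE, $date),
    'sanitized + escaped' => render_hardened(sanitize_template(ATTACKER_TEMPLATE), $date),
];

foreach ($variants as $label => $html) {
    printf("%-20s payload executes: %s\n  %s\n", $label,
        has_script_vector($html) ? 'YES' : 'no', $html);
}
```

Only the first variant yields an element with an on* attribute; the escaped variant renders the attacker's text literally, and the sanitized variant never stores the markup at all. Escaping on output is the fix that closes the bug; sanitizing on save is a second layer that limits what ends up in the database if another output path is missed.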
Affected Countries
Germany, United Kingdom, France, Netherlands, Italy, Spain, Poland, Sweden
Technical Details
- Data Version: 5.1
- Assigner Short Name: Patchstack
- Date Reserved: 2025-10-24T14:25:01.200Z
- CVSS Version: null
- State: PUBLISHED
Threat ID: 68fed03423a7bbed324acc85
Added to database: 10/27/2025, 1:51:48 AM
Last enriched: 1/20/2026, 11:06:22 PM
Last updated: 2/7/2026, 6:54:12 AM
Related Threats
- CVE-2026-2076: Improper Authorization in yeqifu warehouse (Medium)
- CVE-2025-15491: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Post Slides (High)
- CVE-2025-15267: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in boldthemes Bold Page Builder (Medium)
- CVE-2025-13463: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in boldthemes Bold Page Builder (Medium)
- CVE-2025-12803: CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in boldthemes Bold Page Builder (Medium)