CVE-2025-6378: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in corporatezen222 Responsive Food and Drink Menu
The Responsive Food and Drink Menu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's display_pdf_menus shortcode in all versions up to, and including, 2.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
AI Analysis
Technical Summary
CVE-2025-6378 is a Stored Cross-Site Scripting (XSS) vulnerability identified in the Responsive Food and Drink Menu plugin for WordPress, developed by corporatezen222. This vulnerability affects all versions up to and including version 2.3 of the plugin. The root cause lies in insufficient input sanitization and output escaping of user-supplied attributes within the plugin's display_pdf_menus shortcode. Specifically, authenticated users with contributor-level access or higher can inject arbitrary malicious scripts into pages generated by the plugin. These injected scripts execute in the context of any user who views the compromised page, potentially leading to session hijacking, privilege escalation, or unauthorized actions performed on behalf of the victim. The vulnerability is classified under CWE-79, which pertains to improper neutralization of input during web page generation. The CVSS v3.1 base score is 6.4 (medium severity), with the vector indicating network attack vector (AV:N), low attack complexity (AC:L), requiring privileges (PR:L), no user interaction (UI:N), scope changed (S:C), and low impact on confidentiality and integrity (C:L, I:L), with no impact on availability (A:N). No known exploits have been reported in the wild as of the publication date (June 26, 2025). The vulnerability requires authenticated access at contributor level or above, which limits exploitation to users with some level of trust within the WordPress environment. However, the scope is significant because the injected script affects all users who access the compromised pages, potentially including administrators and site visitors. The vulnerability is particularly concerning for websites that use this plugin to display menus, as these pages are likely to be publicly accessible and frequently visited. The lack of official patches or updates at the time of reporting increases the urgency for mitigation.
Potential Impact
For European organizations, especially those in the hospitality, food service, and restaurant sectors that rely on WordPress websites with the Responsive Food and Drink Menu plugin, this vulnerability poses a tangible risk. Exploitation could lead to unauthorized script execution in users' browsers, enabling theft of session cookies, redirection to malicious sites, or unauthorized actions such as content manipulation or privilege escalation within the WordPress site. This can result in reputational damage, data breaches involving user information, and potential compliance violations under GDPR if personal data is compromised. The medium CVSS score reflects moderate risk, but the real-world impact could be higher if attackers leverage the vulnerability to gain administrative control or distribute malware. Given that contributor-level access is required, insider threats or compromised contributor accounts are the most likely attack vectors. Organizations with multiple content editors or less stringent access controls are at increased risk. Additionally, the vulnerability's presence in all plugin versions up to 2.3 means that many sites may be affected, especially if they have not updated or replaced the plugin. The absence of known exploits in the wild suggests limited current exploitation but does not preclude future attacks, particularly as exploit code may be developed and shared. European organizations must consider the potential for targeted attacks exploiting this vulnerability to disrupt services or steal data, especially in countries with a high density of hospitality businesses or where WordPress market share is significant.
Mitigation Recommendations
1. Immediate mitigation should include restricting contributor-level access to trusted users only, implementing strict user account management and monitoring for suspicious activity. 2. Site administrators should audit their WordPress installations to identify the presence of the Responsive Food and Drink Menu plugin and determine the version in use. 3. If possible, temporarily disable or remove the plugin until a security patch or update is released by the vendor. 4. Employ Web Application Firewalls (WAFs) with custom rules to detect and block suspicious payloads targeting the display_pdf_menus shortcode parameters. 5. Implement Content Security Policy (CSP) headers to restrict the execution of unauthorized scripts in browsers. 6. Monitor website logs for unusual POST or GET requests that may indicate attempts to exploit the shortcode. 7. Educate content contributors about the risks of injecting untrusted content and enforce input validation policies. 8. Regularly update WordPress core, themes, and plugins to the latest versions once a patch for this vulnerability is available. 9. Consider deploying runtime application self-protection (RASP) solutions that can detect and block XSS attacks in real-time. 10. Conduct periodic security assessments and penetration testing focusing on plugin vulnerabilities and user privilege misuse.
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Belgium, Sweden, Poland, Austria
CVE-2025-6378: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in corporatezen222 Responsive Food and Drink Menu
Description
The Responsive Food and Drink Menu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's display_pdf_menus shortcode in all versions up to, and including, 2.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
AI-Powered Analysis
Technical Analysis
CVE-2025-6378 is a Stored Cross-Site Scripting (XSS) vulnerability identified in the Responsive Food and Drink Menu plugin for WordPress, developed by corporatezen222. This vulnerability affects all versions up to and including version 2.3 of the plugin. The root cause lies in insufficient input sanitization and output escaping of user-supplied attributes within the plugin's display_pdf_menus shortcode. Specifically, authenticated users with contributor-level access or higher can inject arbitrary malicious scripts into pages generated by the plugin. These injected scripts execute in the context of any user who views the compromised page, potentially leading to session hijacking, privilege escalation, or unauthorized actions performed on behalf of the victim. The vulnerability is classified under CWE-79, which pertains to improper neutralization of input during web page generation. The CVSS v3.1 base score is 6.4 (medium severity), with the vector indicating network attack vector (AV:N), low attack complexity (AC:L), requiring privileges (PR:L), no user interaction (UI:N), scope changed (S:C), and low impact on confidentiality and integrity (C:L, I:L), with no impact on availability (A:N). No known exploits have been reported in the wild as of the publication date (June 26, 2025). The vulnerability requires authenticated access at contributor level or above, which limits exploitation to users with some level of trust within the WordPress environment. However, the scope is significant because the injected script affects all users who access the compromised pages, potentially including administrators and site visitors. The vulnerability is particularly concerning for websites that use this plugin to display menus, as these pages are likely to be publicly accessible and frequently visited. The lack of official patches or updates at the time of reporting increases the urgency for mitigation.
Potential Impact
For European organizations, especially those in the hospitality, food service, and restaurant sectors that rely on WordPress websites with the Responsive Food and Drink Menu plugin, this vulnerability poses a tangible risk. Exploitation could lead to unauthorized script execution in users' browsers, enabling theft of session cookies, redirection to malicious sites, or unauthorized actions such as content manipulation or privilege escalation within the WordPress site. This can result in reputational damage, data breaches involving user information, and potential compliance violations under GDPR if personal data is compromised. The medium CVSS score reflects moderate risk, but the real-world impact could be higher if attackers leverage the vulnerability to gain administrative control or distribute malware. Given that contributor-level access is required, insider threats or compromised contributor accounts are the most likely attack vectors. Organizations with multiple content editors or less stringent access controls are at increased risk. Additionally, the vulnerability's presence in all plugin versions up to 2.3 means that many sites may be affected, especially if they have not updated or replaced the plugin. The absence of known exploits in the wild suggests limited current exploitation but does not preclude future attacks, particularly as exploit code may be developed and shared. European organizations must consider the potential for targeted attacks exploiting this vulnerability to disrupt services or steal data, especially in countries with a high density of hospitality businesses or where WordPress market share is significant.
Mitigation Recommendations
1. Immediate mitigation should include restricting contributor-level access to trusted users only, implementing strict user account management and monitoring for suspicious activity. 2. Site administrators should audit their WordPress installations to identify the presence of the Responsive Food and Drink Menu plugin and determine the version in use. 3. If possible, temporarily disable or remove the plugin until a security patch or update is released by the vendor. 4. Employ Web Application Firewalls (WAFs) with custom rules to detect and block suspicious payloads targeting the display_pdf_menus shortcode parameters. 5. Implement Content Security Policy (CSP) headers to restrict the execution of unauthorized scripts in browsers. 6. Monitor website logs for unusual POST or GET requests that may indicate attempts to exploit the shortcode. 7. Educate content contributors about the risks of injecting untrusted content and enforce input validation policies. 8. Regularly update WordPress core, themes, and plugins to the latest versions once a patch for this vulnerability is available. 9. Consider deploying runtime application self-protection (RASP) solutions that can detect and block XSS attacks in real-time. 10. Conduct periodic security assessments and penetration testing focusing on plugin vulnerabilities and user privilege misuse.
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Wordfence
- Date Reserved
- 2025-06-19T17:57:11.891Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 685cac9ee230f5b234861224
Added to database: 6/26/2025, 2:12:46 AM
Last enriched: 6/26/2025, 2:27:37 AM
Last updated: 8/15/2025, 12:03:13 AM
Views: 23
Related Threats
CVE-2025-3495: CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Delta Electronics COMMGR
CriticalCVE-2025-53948: CWE-415 Double Free in Santesoft Sante PACS Server
HighCVE-2025-52584: CWE-122 Heap-based Buffer Overflow in Ashlar-Vellum Cobalt
HighCVE-2025-46269: CWE-122 Heap-based Buffer Overflow in Ashlar-Vellum Cobalt
HighCVE-2025-54862: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in Santesoft Sante PACS Server
MediumActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.