CVE-2025-6719: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in vladimirs Terms descriptions
The Terms descriptions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.4.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
AI Analysis
Technical Summary
CVE-2025-6719 is a stored Cross-Site Scripting (XSS) vulnerability affecting the 'Terms descriptions' plugin for WordPress, developed by vladimirs. This vulnerability exists in all versions up to and including 3.4.8. The root cause is improper neutralization of input during web page generation, specifically insufficient input sanitization and output escaping in the plugin's admin settings. An authenticated attacker with administrator-level permissions or higher can exploit this flaw by injecting arbitrary malicious scripts into pages. These scripts execute whenever any user accesses the compromised page. The vulnerability specifically impacts WordPress multi-site installations and single-site installations where the 'unfiltered_html' capability has been disabled, which restricts users from posting unfiltered HTML content. The CVSS v3.1 base score is 4.4 (medium severity), with the vector indicating network attack vector (AV:N), high attack complexity (AC:H), high privileges required (PR:H), no user interaction (UI:N), scope changed (S:C), and low impact on confidentiality and integrity, with no impact on availability. No known exploits are currently reported in the wild. The vulnerability is classified under CWE-79 (Improper Neutralization of Input During Web Page Generation), a common web application security issue leading to XSS attacks. The lack of patch links suggests that a fix may not yet be publicly available or is pending release. This vulnerability allows an attacker with high privileges to persistently inject malicious scripts that can affect all users accessing the infected pages, potentially leading to session hijacking, privilege escalation, or other malicious activities depending on the payload.
Potential Impact
For European organizations using WordPress multi-site installations with the 'Terms descriptions' plugin, this vulnerability poses a moderate risk. Since exploitation requires administrator-level access, the initial compromise vector is limited to insiders or attackers who have already breached administrative credentials. However, once exploited, the stored XSS can affect all users accessing the infected pages, potentially leading to session hijacking, credential theft, or further lateral movement within the organization’s web infrastructure. This can undermine confidentiality and integrity of user data and organizational information. Given the widespread use of WordPress in Europe, especially among SMEs and public sector entities, the vulnerability could be leveraged in targeted attacks against high-value websites or portals. The requirement for multi-site installations or disabled 'unfiltered_html' capability narrows the affected population but does not eliminate risk for organizations employing these configurations for enhanced content control. Additionally, the scope change in CVSS indicates that the vulnerability could impact resources beyond the initially vulnerable component, increasing the potential impact. The absence of known exploits reduces immediate risk but does not preclude future exploitation. European organizations must consider the potential reputational damage and regulatory implications under GDPR if user data confidentiality is compromised through such attacks.
Mitigation Recommendations
1. Immediate mitigation involves restricting administrator-level access to trusted personnel only and enforcing strong authentication mechanisms such as multi-factor authentication (MFA) to reduce the risk of credential compromise. 2. Organizations should audit their WordPress installations to identify the presence of the 'Terms descriptions' plugin, especially in multi-site environments or where 'unfiltered_html' is disabled. 3. Until an official patch is released, consider disabling or removing the vulnerable plugin to eliminate exposure. 4. Implement Web Application Firewalls (WAFs) with custom rules to detect and block suspicious script injection attempts targeting the plugin's admin settings. 5. Conduct regular security reviews and code audits for custom plugins or third-party extensions to ensure proper input sanitization and output escaping. 6. Monitor logs for unusual administrator activity or unexpected changes in plugin settings that could indicate exploitation attempts. 7. Educate administrators on the risks of stored XSS and safe content management practices. 8. Once a patch is available, prioritize timely application of updates and verify the fix through testing in staging environments before production deployment.
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Poland, Sweden
CVE-2025-6719: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in vladimirs Terms descriptions
Description
The Terms descriptions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.4.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
AI-Powered Analysis
Technical Analysis
CVE-2025-6719 is a stored Cross-Site Scripting (XSS) vulnerability affecting the 'Terms descriptions' plugin for WordPress, developed by vladimirs. This vulnerability exists in all versions up to and including 3.4.8. The root cause is improper neutralization of input during web page generation, specifically insufficient input sanitization and output escaping in the plugin's admin settings. An authenticated attacker with administrator-level permissions or higher can exploit this flaw by injecting arbitrary malicious scripts into pages. These scripts execute whenever any user accesses the compromised page. The vulnerability specifically impacts WordPress multi-site installations and single-site installations where the 'unfiltered_html' capability has been disabled, which restricts users from posting unfiltered HTML content. The CVSS v3.1 base score is 4.4 (medium severity), with the vector indicating network attack vector (AV:N), high attack complexity (AC:H), high privileges required (PR:H), no user interaction (UI:N), scope changed (S:C), and low impact on confidentiality and integrity, with no impact on availability. No known exploits are currently reported in the wild. The vulnerability is classified under CWE-79 (Improper Neutralization of Input During Web Page Generation), a common web application security issue leading to XSS attacks. The lack of patch links suggests that a fix may not yet be publicly available or is pending release. This vulnerability allows an attacker with high privileges to persistently inject malicious scripts that can affect all users accessing the infected pages, potentially leading to session hijacking, privilege escalation, or other malicious activities depending on the payload.
Potential Impact
For European organizations using WordPress multi-site installations with the 'Terms descriptions' plugin, this vulnerability poses a moderate risk. Since exploitation requires administrator-level access, the initial compromise vector is limited to insiders or attackers who have already breached administrative credentials. However, once exploited, the stored XSS can affect all users accessing the infected pages, potentially leading to session hijacking, credential theft, or further lateral movement within the organization’s web infrastructure. This can undermine confidentiality and integrity of user data and organizational information. Given the widespread use of WordPress in Europe, especially among SMEs and public sector entities, the vulnerability could be leveraged in targeted attacks against high-value websites or portals. The requirement for multi-site installations or disabled 'unfiltered_html' capability narrows the affected population but does not eliminate risk for organizations employing these configurations for enhanced content control. Additionally, the scope change in CVSS indicates that the vulnerability could impact resources beyond the initially vulnerable component, increasing the potential impact. The absence of known exploits reduces immediate risk but does not preclude future exploitation. European organizations must consider the potential reputational damage and regulatory implications under GDPR if user data confidentiality is compromised through such attacks.
Mitigation Recommendations
1. Immediate mitigation involves restricting administrator-level access to trusted personnel only and enforcing strong authentication mechanisms such as multi-factor authentication (MFA) to reduce the risk of credential compromise. 2. Organizations should audit their WordPress installations to identify the presence of the 'Terms descriptions' plugin, especially in multi-site environments or where 'unfiltered_html' is disabled. 3. Until an official patch is released, consider disabling or removing the vulnerable plugin to eliminate exposure. 4. Implement Web Application Firewalls (WAFs) with custom rules to detect and block suspicious script injection attempts targeting the plugin's admin settings. 5. Conduct regular security reviews and code audits for custom plugins or third-party extensions to ensure proper input sanitization and output escaping. 6. Monitor logs for unusual administrator activity or unexpected changes in plugin settings that could indicate exploitation attempts. 7. Educate administrators on the risks of stored XSS and safe content management practices. 8. Once a patch is available, prioritize timely application of updates and verify the fix through testing in staging environments before production deployment.
Affected Countries
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Wordfence
- Date Reserved
- 2025-06-26T13:45:12.565Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 6879dc20a83201eaacef6a08
Added to database: 7/18/2025, 5:31:12 AM
Last enriched: 7/18/2025, 5:47:07 AM
Last updated: 8/23/2025, 12:44:53 PM
Views: 29
Related Threats
CVE-2025-9727: OS Command Injection in D-Link DIR-816L
MediumCVE-2025-9726: SQL Injection in Campcodes Farm Management System
MediumCVE-2025-9725: Use of Hard-coded Password in Cudy LT500E
LowCVE-2025-9724: Cross Site Scripting in Portabilis i-Educar
MediumCVE-2025-9723: Cross Site Scripting in Portabilis i-Educar
MediumActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.