CVE-2025-7655 is a stored Cross-Site Scripting (XSS) vulnerability identified in the Live Stream Badger WordPress plugin developed by tkrivickas, affecting all versions up to and including 1.4.3. The vulnerability arises from improper neutralization of user input during web page generation, specifically within the plugin's 'livestream' shortcode. Authenticated users with contributor-level permissions or higher can exploit this flaw by injecting malicious JavaScript code into pages via user-supplied attributes that are not properly sanitized or escaped. When other users access these compromised pages, the injected scripts execute in their browsers, potentially leading to session hijacking, privilege escalation, or unauthorized actions within the context of the affected website. The vulnerability has a CVSS 3.1 base score of 6.4, indicating a medium severity level. It requires network access, low attack complexity, and privileges equivalent to contributor-level access, but no user interaction is needed for exploitation. The scope is changed, meaning the vulnerability affects components beyond the initially vulnerable plugin, potentially impacting the broader WordPress environment. No known exploits are currently reported in the wild, and no official patches have been linked yet. This vulnerability is classified under CWE-79, which covers improper neutralization of input leading to XSS attacks.

For European organizations using WordPress sites with the Live Stream Badger plugin, this vulnerability poses a significant risk to website integrity and user trust. Successful exploitation could allow attackers to execute arbitrary scripts, leading to theft of authentication cookies, defacement, or redirection to malicious sites. This can result in data breaches, loss of customer confidence, and potential regulatory non-compliance under GDPR if personal data is compromised. Since contributor-level access is required, insider threats or compromised contributor accounts could be leveraged to exploit this vulnerability. The medium severity score reflects moderate impact; however, the changed scope and stored nature of the XSS increase the risk of persistent attacks affecting multiple users. European organizations with public-facing WordPress sites that rely on this plugin for live streaming functionality are particularly vulnerable. The absence of known exploits in the wild currently reduces immediate risk but does not eliminate the potential for future attacks.

European organizations should immediately audit their WordPress installations to identify the presence of the Live Stream Badger plugin, especially versions up to 1.4.3. Until an official patch is released, administrators should consider disabling or removing the plugin to eliminate exposure. Restrict contributor-level permissions strictly and monitor accounts with such privileges for suspicious activity. Implement Web Application Firewalls (WAFs) with custom rules to detect and block malicious payloads targeting the 'livestream' shortcode parameters. Employ Content Security Policy (CSP) headers to limit the execution of unauthorized scripts. Regularly scan websites for XSS vulnerabilities using automated tools and conduct manual code reviews of user input handling in custom plugins or themes. Educate contributors about the risks of injecting untrusted content and enforce strict input validation policies. Once a patch becomes available, prioritize prompt application and verify its effectiveness through testing.