Skip to main content

CVE-2025-8313: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in emarket-design Campus Directory – Faculty, Staff & Student Directory Plugin for WordPress

Medium
VulnerabilityCVE-2025-8313cvecve-2025-8313cwe-79
Published: Tue Aug 05 2025 (08/05/2025, 06:39:49 UTC)
Source: CVE Database V5
Vendor/Project: emarket-design
Product: Campus Directory – Faculty, Staff & Student Directory Plugin for WordPress

Description

The Campus Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘noaccess_msg’ parameter in all versions up to, and including, 1.9.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

AI-Powered Analysis

AILast updated: 08/05/2025, 07:18:17 UTC

Technical Analysis

CVE-2025-8313 is a Stored Cross-Site Scripting (XSS) vulnerability identified in the Campus Directory – Faculty, Staff & Student Directory Plugin for WordPress, developed by emarket-design. This vulnerability affects all versions up to and including 1.9.1. The root cause is improper neutralization of input during web page generation, specifically insufficient sanitization and escaping of the 'noaccess_msg' parameter. Authenticated users with Contributor-level privileges or higher can exploit this flaw by injecting arbitrary malicious scripts into pages generated by the plugin. These scripts execute in the context of any user who views the infected page, potentially leading to session hijacking, privilege escalation, or unauthorized actions on behalf of the victim. The vulnerability has a CVSS 3.1 base score of 6.4, indicating a medium severity level. The attack vector is network-based with low attack complexity, requiring privileges equivalent to a Contributor role, and no user interaction is needed for exploitation once the malicious script is injected. The scope is changed because the vulnerability affects resources beyond the attacker’s privileges, impacting other users who access the compromised pages. No known exploits are currently reported in the wild, and no patches have been released at the time of this report.

Potential Impact

For European organizations using WordPress sites with the vulnerable Campus Directory plugin, this vulnerability poses a significant risk to the confidentiality and integrity of user data. Educational institutions, universities, and other organizations that maintain faculty, staff, or student directories are particularly at risk. Exploitation could lead to unauthorized disclosure of sensitive information, session hijacking of users with higher privileges, and potential defacement or manipulation of directory information. This could undermine trust in institutional websites and lead to compliance issues under GDPR due to unauthorized data exposure. Additionally, the ability to execute scripts without user interaction increases the risk of automated or stealthy attacks. The medium severity rating suggests that while the vulnerability is not critical, it is sufficiently serious to warrant prompt remediation to prevent exploitation and potential reputational damage.

Mitigation Recommendations

European organizations should immediately audit their WordPress installations to identify the presence of the Campus Directory plugin and verify the version in use. Until an official patch is released, the following specific mitigations are recommended: 1) Restrict Contributor-level and higher privileges strictly to trusted users to reduce the risk of malicious script injection. 2) Implement Web Application Firewall (WAF) rules to detect and block suspicious payloads targeting the 'noaccess_msg' parameter. 3) Employ Content Security Policy (CSP) headers to limit the execution of unauthorized scripts on affected pages. 4) Regularly monitor logs and user activity for unusual behavior indicative of exploitation attempts. 5) Consider temporarily disabling or removing the plugin if it is not essential, or replacing it with a secure alternative. 6) Educate site administrators and content contributors about the risks of injecting untrusted content. These targeted actions go beyond generic advice by focusing on privilege management, proactive detection, and containment strategies specific to this vulnerability.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
Wordfence
Date Reserved
2025-07-29T20:14:47.379Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 6891ac91ad5a09ad00e6f49e

Added to database: 8/5/2025, 7:02:41 AM

Last enriched: 8/5/2025, 7:18:17 AM

Last updated: 8/18/2025, 1:22:22 AM

Views: 17

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats