CVE-2025-5845 in Affiliate Reviews Plugin

Summary

by MITRE • 07/16/2025

The Affiliate Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘numColumns’ parameter in all versions up to, and including, 1.0.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.


Analysis

by VulDB Data Team • 07/16/2025

CVE-2025-5845 affects the Affiliate Reviews plugin for WordPress in all versions up to and including 1.0.6. It is a stored cross-site scripting (XSS) flaw: the plugin neither sanitizes the 'numColumns' value on input nor escapes it on output, so a value supplied by a low-privileged user is written to the database verbatim and later rendered into page markup as-is. The page does not state a CVSS score; stored XSS that requires Contributor-level access is normally rated moderate rather than critical, and the description should not be read as implying unauthenticated exploitation.

The attack vector is the 'numColumns' parameter. Any authenticated user with Contributor-level privileges or higher can supply a value for it that contains HTML or script instead of a number; because the plugin does not reject or neutralize that value, it is stored and then emitted unescaped wherever the plugin renders it. The payload executes in the browser of whoever loads the affected page, with that viewer's session, not the attacker's. Contributor is the lowest WordPress role that can create and edit its own posts but cannot publish them, so the typical path to execution is an Editor or Administrator opening the submitted content for review or preview, or the content being published later and served to every visitor. The victim needs only to load the page; no further action is required. This is CWE-79, Improper Neutralization of Input During Web Page Generation.

The operational impact is that of any stored XSS: session hijacking, theft of data visible to the victim, redirection to attacker-controlled sites, and defacement. What makes the Contributor-level variant notable is the privilege gap between attacker and victim. The injected script runs with whatever capabilities the viewing user holds, so when an Administrator views the page the script can drive wp-admin or the REST API with the Administrator's cookies and nonces, for example to create a new administrator account or install a plugin. In effect a Contributor can obtain Administrator-level actions without ever holding that role. Because the payload is persisted in the database, it fires on every subsequent view and across many user sessions without the attacker re-injecting it.

Security practitioners should remediate by upgrading to a release of the Affiliate Reviews plugin newer than 1.0.6 in which the vendor has corrected the input sanitization and output escaping; the page does not name the first fixed version, so check the vendor's changelog. Until the upgrade is applied, consider restricting who holds the Contributor role and reviewing recently saved content for non-numeric 'numColumns' values. Organizations should also monitor for unexpected parameter modifications and for privileged actions (new administrator accounts, plugin installs) that follow a content review by an administrator. The root cause is the classic one: untrusted input reaching HTML output without validation or context-appropriate escaping, i.e. OWASP Top Ten A03:2021 Injection. In ATT&CK terms the technique is T1059.007, Command and Scripting Interpreter: JavaScript (T1059.001 is PowerShell and does not apply here). System administrators should audit all installed WordPress plugins for the same pattern, since parameters that are assumed to be numeric are a frequent place for missing escaping.
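The following PHP is an added illustration of the flaw class described in the two paragraphs above and of the fix the remediation paragraph calls for; it is not the Affiliate Reviews plugin's code. The page does not say how 'numColumns' reaches the plugin, so the example assumes a hypothetical flow in which the value is posted from the post editor, saved as post meta by a save_post handler, and later printed into the markup of a review grid. The function names, the meta key `_ar_num_columns`, the nonce action `ar_save_columns` and the sample payload are all assumptions made for the example; the WordPress API calls (`absint`, `esc_attr`, `wp_verify_nonce`, `current_user_can`, `update_post_meta`, `get_post_meta`, `wp_unslash`) are real.

```php
<?php
/*
 * Added example for this page; NOT the Affiliate Reviews plugin's code.
 * Hypothetical flow: 'numColumns' is posted from the editor, stored as post
 * meta, and later printed into a grid's HTML attribute. All function and
 * meta names are invented for illustration.
 */

/* ---------- Vulnerable pattern: what CWE-79 stored XSS looks like ---------- */

// Constructed attacker input: a Contributor types this into the hypothetical
// "numColumns" field of their own (unpublished) post.
$example_payload = '3" onmouseover="alert(document.cookie)';  // constructed sample

function ar_vuln_save_num_columns( $post_id ) {
    if ( ! isset( $_POST['numColumns'] ) ) {
        return;
    }
    // Bug 1: no nonce or capability check and no sanitization; the raw string
    // is written to the database exactly as typed.
    update_post_meta( $post_id, '_ar_num_columns', wp_unslash( $_POST['numColumns'] ) );
}

function ar_vuln_render_grid( $post_id ) {
    $cols = get_post_meta( $post_id, '_ar_num_columns', true );
    // Bug 2: the stored value is concatenated into an HTML attribute without
    // escaping. With the payload above the output becomes
    //   <div class="ar-grid" data-columns="3" onmouseover="alert(document.cookie)"></div>
    // and the handler runs in the browser of anyone who views or previews the post.
    return '<div class="ar-grid" data-columns="' . $cols . '"></div>';
}

/* ---------- Hardened version: sanitize on input, escape on output ---------- */

function ar_sanitize_num_columns( $raw ) {
    // absint() keeps only the leading non-negative integer: '3" onmouseover=...'
    // becomes 3 and 'abc' becomes 0. Then clamp to the range the layout supports.
    $n = absint( $raw );
    if ( $n < 1 ) {
        $n = 3;            // layout default
    }
    return min( $n, 6 );   // upper bound for the grid
}

function ar_safe_save_num_columns( $post_id ) {
    if ( ! isset( $_POST['numColumns'], $_POST['ar_nonce'] ) ) {
        return;
    }
    // CSRF protection: the request must come from the real editor form.
    $nonce = sanitize_text_field( wp_unslash( $_POST['ar_nonce'] ) );
    if ( ! wp_verify_nonce( $nonce, 'ar_save_columns' ) ) {
        return;
    }
    // Authorization: only a user allowed to edit this particular post may change it.
    if ( ! current_user_can( 'edit_post', $post_id ) ) {
        return;
    }
    $clean = ar_sanitize_num_columns( wp_unslash( $_POST['numColumns'] ) );
    update_post_meta( $post_id, '_ar_num_columns', $clean );
}

function ar_safe_render_grid( $post_id ) {
    // Re-sanitize on read (meta can be written by other code paths) and escape
    // on output regardless: esc_attr() is the context-correct escape for an
    // HTML attribute value and is what closes the CWE-79 hole.
    $cols = ar_sanitize_num_columns( get_post_meta( $post_id, '_ar_num_columns', true ) );
    return '<div class="ar-grid" data-columns="' . esc_attr( (string) $cols ) . '"></div>';
}

add_action( 'save_post', 'ar_safe_save_num_columns' );
```

Both halves of the fix matter: sanitizing to an integer on save blocks the payload at the door, and escaping on output protects against any other path that writes the meta. Applying only one of them is how these bugs usually survive a first patch.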

Reservation

06/06/2025

Disclosure

07/16/2025

Moderation

accepted

CPE

ready

EPSS

0.00225

KEV

no

Activities

very low
