CVE-2025-23502
Published: 03 March 2025
Summary
CVE-2025-23502 is a high-severity CSRF (CWE-352) vulnerability. Its CVSS base score is 7.1 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 24.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SC-23 (Session Authenticity) and SI-10 (Information Input Validation).
Deeper analysis
CVE-2025-23502 is a Cross-Site Request Forgery (CSRF) vulnerability in the Ned Curated Search WordPress plugin, also known as curated-search, that enables Stored Cross-Site Scripting (XSS). This issue affects all versions from n/a through 1.2 inclusive. The vulnerability is classified under CWE-352 and carries a CVSS v3.1 base score of 7.1 (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L), indicating network accessibility, low attack complexity, no required privileges, user interaction needed, changed scope, and low impacts across confidentiality, integrity, and availability.
The vulnerability can be exploited by any unauthenticated attacker over the network who tricks a victim user—typically an authenticated site administrator—into interacting with a malicious request, such as clicking a crafted link or loading a malicious webpage. Successful exploitation via CSRF allows the attacker to store arbitrary JavaScript on the site, which then executes in the context of other users viewing the affected content, potentially leading to session hijacking, data theft, or further site compromise.
Mitigation details are available in the Patchstack advisory at https://patchstack.com/database/Wordpress/Plugin/curated-search/vulnerability/wordpress-curated-search-plugin-1-2-csrf-to-stored-xss-vulnerability?_s_id=cve, which covers the WordPress Curated Search plugin vulnerability.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-5737
Vulnerability details
Cross-Site Request Forgery (CSRF) vulnerability in Ned Curated Search curated-search allows Stored XSS.This issue affects Curated Search: from n/a through <= 1.2.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The vulnerability is a CSRF leading to stored XSS in a public-facing WordPress plugin, directly enabling exploitation of a public-facing application over the network (T1190) via tricking an authenticated user with a crafted malicious link (T1204.001) to inject and execute arbitrary JavaScript.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
SC-23 enforces session authenticity mechanisms like CSRF tokens, directly preventing unauthenticated attackers from forging requests to store malicious scripts via CSRF.
SI-10 requires validation of information inputs, preventing the storage of arbitrary JavaScript payloads that enable stored XSS in the WordPress plugin.
SI-15 filters information outputs to block execution of any stored malicious scripts when content is rendered for users.