Cyber Resilience

CVE-2025-23502

High

Published: 03 March 2025

Published
03 March 2025
Modified
23 April 2026
KEV Added
Patch
CVSS Score v3.1 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
EPSS Score 0.0008 24.0th percentile
Risk Priority 14 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-23502 is a high-severity CSRF (CWE-352) vulnerability. Its CVSS base score is 7.1 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 24.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SC-23 (Session Authenticity) and SI-10 (Information Input Validation).

Deeper analysis

CVE-2025-23502 is a Cross-Site Request Forgery (CSRF) vulnerability in the Ned Curated Search WordPress plugin, also known as curated-search, that enables Stored Cross-Site Scripting (XSS). This issue affects all versions from n/a through 1.2 inclusive. The vulnerability is classified under CWE-352 and carries a CVSS v3.1 base score of 7.1 (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L), indicating network accessibility, low attack complexity, no required privileges, user interaction needed, changed scope, and low impacts across confidentiality, integrity, and availability.

The vulnerability can be exploited by any unauthenticated attacker over the network who tricks a victim user—typically an authenticated site administrator—into interacting with a malicious request, such as clicking a crafted link or loading a malicious webpage. Successful exploitation via CSRF allows the attacker to store arbitrary JavaScript on the site, which then executes in the context of other users viewing the affected content, potentially leading to session hijacking, data theft, or further site compromise.

Mitigation details are available in the Patchstack advisory at https://patchstack.com/database/Wordpress/Plugin/curated-search/vulnerability/wordpress-curated-search-plugin-1-2-csrf-to-stored-xss-vulnerability?_s_id=cve, which covers the WordPress Curated Search plugin vulnerability.

EU & UK References

Vulnerability details

Cross-Site Request Forgery (CSRF) vulnerability in Ned Curated Search curated-search allows Stored XSS.This issue affects Curated Search: from n/a through <= 1.2.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1204.001 Malicious Link Execution
An adversary may rely upon a user clicking a malicious link in order to gain execution.
Why these techniques?

The vulnerability is a CSRF leading to stored XSS in a public-facing WordPress plugin, directly enabling exploitation of a public-facing application over the network (T1190) via tricking an authenticated user with a crafted malicious link (T1204.001) to inject and execute arbitrary JavaScript.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-25121Shared CWE-352
CVE-2025-24001Shared CWE-352
CVE-2025-25147Shared CWE-352
CVE-2026-34904Shared CWE-352
CVE-2024-26153Shared CWE-352
CVE-2025-28860Shared CWE-352
CVE-2026-45430Shared CWE-352
CVE-2025-23880Shared CWE-352
CVE-2025-59541Shared CWE-352
CVE-2026-23622Shared CWE-352

Affected Assets

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

SC-23 enforces session authenticity mechanisms like CSRF tokens, directly preventing unauthenticated attackers from forging requests to store malicious scripts via CSRF.

prevent

SI-10 requires validation of information inputs, preventing the storage of arbitrary JavaScript payloads that enable stored XSS in the WordPress plugin.

prevent

SI-15 filters information outputs to block execution of any stored malicious scripts when content is rendered for users.

References