CVE-2025-23511
Published: 16 January 2025
Summary
CVE-2025-23511 is a high-severity CSRF (CWE-352) vulnerability. Its CVSS base score is 7.1 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 33.7th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SC-23 (Session Authenticity) and SI-10 (Information Input Validation).
Deeper analysis
CVE-2025-23511 is a Cross-Site Request Forgery (CSRF) vulnerability in the Stargazer WP-BlackCheck WordPress plugin (wp-blackcheck) that enables Stored Cross-Site Scripting (XSS). This issue affects all versions of WP-BlackCheck from n/a through 2.7.2, as documented under CWE-352.
Unauthenticated attackers (PR:N) can exploit the vulnerability over the network (AV:N) with low attack complexity (AC:L), requiring user interaction (UI:R) such as tricking an administrator into visiting a malicious site or clicking a crafted link. Exploitation changes the scope (S:C) and allows storage of malicious scripts via CSRF, resulting in low impacts on confidentiality, integrity, and availability (C:L/I:L/A:L), for an overall CVSS v3.1 base score of 7.1.
The Patchstack advisory at https://patchstack.com/database/Wordpress/Plugin/wp-blackcheck/vulnerability/wordpress-wp-blackcheck-plugin-2-7-2-csrf-to-stored-cross-site-scripting-xss-vulnerability?_s_id=cve details the vulnerability in the WP-BlackCheck plugin version 2.7.2.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-3221
Vulnerability details
Cross-Site Request Forgery (CSRF) vulnerability in Stargazer WP-BlackCheck wp-blackcheck allows Stored XSS. This issue affects WP-BlackCheck: from n/a through <= 2.7.2.
- CWE(s): CWE-352 (Cross-Site Request Forgery)
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability is in a public-facing WordPress plugin allowing network exploitation of the application (T1190). The CSRF leading to stored XSS directly enables injection and execution of arbitrary JavaScript in users' browsers (T1059.007).
Mitigating Controls (NIST 800-53 r5)
- Directly remediates the CSRF-to-stored-XSS flaw in WP-BlackCheck plugin versions through <= 2.7.2 by applying patches or removing the vulnerable component.
- SC-23 (Session Authenticity): enforces session authenticity mechanisms such as anti-CSRF tokens to prevent unauthenticated attackers from forging requests that store XSS payloads via the plugin's CSRF vulnerability.
- SI-10 (Information Input Validation): validates and sanitizes inputs to the WP-BlackCheck plugin so that malicious scripts are not stored even if a CSRF attack succeeds.
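To show what the SC-23 and SI-10 controls above look like in plugin code, here is an added example that is not code from WP-BlackCheck or its authors: a hypothetical WordPress settings handler, first in a weak form that accepts and echoes a value with no request-origin or input checks, then hardened with a WordPress nonce (the plugin-level anti-CSRF token), a capability check, input sanitisation, and output escaping. All `example_` function, option and action names are invented for this illustration; the WordPress API functions used are real.

```php
<?php
// Added example, not WP-BlackCheck's code. Names prefixed example_ are hypothetical.

// --- Weak handler: no nonce, no capability check, raw value stored and echoed ---
// Any page the administrator visits could submit this form on their behalf (CSRF),
// and whatever was submitted is later rendered unescaped (stored XSS).
function example_weak_save_message() {
    if ( isset( $_POST['example_message'] ) ) {
        update_option( 'example_message', $_POST['example_message'] );
    }
}
function example_weak_render_message() {
    echo '<p>' . get_option( 'example_message', '' ) . '</p>';
}

// --- Hardened form: the nonce field binds the request to this user's session ---
function example_render_form() {
    ?>
    <form method="post" action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>">
        <input type="hidden" name="action" value="example_save_message">
        <?php wp_nonce_field( 'example_save_message', 'example_nonce' ); ?>
        <input type="text" name="example_message"
               value="<?php echo esc_attr( get_option( 'example_message', '' ) ); ?>">
        <?php submit_button( 'Save' ); ?>
    </form>
    <?php
}

// --- Hardened handler, wired to admin-post.php via the action name above ---
function example_save_message() {
    // Only users allowed to manage settings may change this option.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient privileges', '', array( 'response' => 403 ) );
    }

    // SC-23: check_admin_referer() verifies the nonce for this action and dies on
    // failure. A third-party page cannot read the nonce, so a forged request fails here.
    check_admin_referer( 'example_save_message', 'example_nonce' );

    // SI-10: strip tags, line breaks and control characters before storage.
    $raw   = isset( $_POST['example_message'] ) ? wp_unslash( $_POST['example_message'] ) : '';
    $clean = sanitize_text_field( $raw );
    update_option( 'example_message', $clean );

    $back = wp_get_referer();
    wp_safe_redirect( $back ? add_query_arg( 'updated', '1', $back ) : admin_url() );
    exit;
}
add_action( 'admin_post_example_save_message', 'example_save_message' );

// Escape on output as well: defence in depth if a value ever bypasses sanitisation.
function example_render_message() {
    echo '<p>' . esc_html( get_option( 'example_message', '' ) ) . '</p>';
}
```

The two controls are complementary: the nonce check stops a forged request from reaching the storage step at all, while sanitising on input and escaping on output mean that even a request which does get through cannot plant executable script in pages other administrators later view.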