Cyber Posture

CVE-2025-23545

High

Published: 23 January 2025

Published
23 January 2025
Modified
23 April 2026
KEV Added
Patch
CVSS Score 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
EPSS Score 0.0018 38.9th percentile
Risk Priority 14 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-23545 is a high-severity Cross-site Scripting (CWE-79) vulnerability. Its CVSS base score is 7.1 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Spearphishing Link (T1566.002); ranked at the 38.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-15 (Information Output Filtering) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Spearphishing Link (T1566.002) and 1 other technique. What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-15 Information Output Filtering good match
prevent

Filters information prior to output on web pages to neutralize malicious scripts, directly preventing reflected XSS exploitation in the WordPress plugin.

SI-10 Information Input Validation partial match
prevent

Validates inputs at system entry points to reject or sanitize malicious payloads before they are reflected in web page generation.

SI-2 Flaw Remediation good match
prevent

Ensures timely identification, reporting, and correction of flaws like this reflected XSS vulnerability through patching the affected WP Social Broadcast plugin.

MITRE ATT&CK Enterprise TechniquesAI

T1566.002 Spearphishing Link Initial Access
Adversaries may send spearphishing emails with a malicious link in an attempt to gain access to victim systems.
attack.mitre.org →
T1539 Steal Web Session Cookie Credential Access
An adversary may steal web application or service session cookies and use them to gain access to web applications or Internet services as an authenticated user without needing credentials.
attack.mitre.org →
Why these techniques?

Reflected XSS in the plugin enables exploitation via crafted malicious links (T1566.002 Spearphishing Link) and allows injected JavaScript to steal web session cookies or session data (T1539 Steal Web Session Cookie).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Navnish Bhardwaj WP Social Broadcast wp-social-broadcast allows Reflected XSS.This issue affects WP Social Broadcast: from n/a through <= 1.0.0.

Deeper analysisAI

CVE-2025-23545 is an Improper Neutralization of Input During Web Page Generation vulnerability, enabling Reflected Cross-site Scripting (XSS) as classified under CWE-79. It affects the WP Social Broadcast WordPress plugin (wp-social-broadcast) developed by Navnish Bhardwaj, impacting all versions from n/a through 1.0.0 inclusive. The vulnerability was published on 2025-01-23.

The issue carries a CVSS v3.1 base score of 7.1 (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L), indicating network accessibility, low attack complexity, no privileges required, and user interaction needed for exploitation. Remote attackers can craft malicious payloads delivered via reflected inputs, tricking users into interacting (e.g., via a phishing link). Successful exploitation allows limited impacts on confidentiality, integrity, and availability within a changed scope, such as executing scripts in the victim's browser to steal session data or perform other client-side actions.

Patchstack provides details on the vulnerability, including mitigation guidance, in their advisory at https://patchstack.com/database/Wordpress/Plugin/wp-social-broadcast/vulnerability/wordpress-wp-social-broadcast-plugin-1-0-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve.

Details

CWE(s)
CWE-79

CVEs Like This One

CVE-2025-25133Shared CWE-79
CVE-2025-25090Shared CWE-79
CVE-2025-23519Shared CWE-79
CVE-2025-23441Shared CWE-79
CVE-2025-23753Shared CWE-79
CVE-2025-23593Shared CWE-79
CVE-2026-28110Shared CWE-79
CVE-2026-23973Shared CWE-79
CVE-2025-22760Shared CWE-79
CVE-2026-22256Shared CWE-79

References