CVE-2025-24602
Published: 04 February 2025
Summary
CVE-2025-24602 is a high-severity Cross-site Scripting (CWE-79) vulnerability. Its CVSS base score is 7.1 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Malicious Link (T1204.001); it is ranked at the 32.1st percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-15 (Information Output Filtering).
Deeper analysis
CVE-2025-24602 is an Improper Neutralization of Input During Web Page Generation vulnerability, enabling Reflected Cross-site Scripting (XSS) as classified under CWE-79. It affects the WP24 Domain Check WordPress plugin (wp24-domain-check), impacting versions from n/a through 1.10.14 inclusive.
The vulnerability carries a CVSS v3.1 base score of 7.1 (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L), indicating network accessibility, low attack complexity, no required privileges, required user interaction, and a changed scope. Remote attackers can exploit it by tricking authenticated or unauthenticated users into interacting with maliciously crafted input, such as a specially crafted URL, leading to script execution in the victim's browser context and low impact on confidentiality, integrity, and availability.
Patchstack has published details on this issue, accessible at https://patchstack.com/database/Wordpress/Plugin/wp24-domain-check/vulnerability/wordpress-wp24-domain-check-plugin-1-10-14-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve, for security practitioners to review advisories and mitigation guidance.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-3806
Vulnerability details
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP24 WP24 Domain Check wp24-domain-check allows Reflected XSS. This issue affects WP24 Domain Check: from n/a through <= 1.10.14.
- CWE(s): CWE-79 (Improper Neutralization of Input During Web Page Generation)
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Reflected XSS is directly exploited by tricking users into clicking a specially crafted malicious URL containing the payload, enabling script execution in the browser.
Mitigating Controls (NIST 800-53 r5)
- SI-15 (Information Output Filtering): directly addresses reflected XSS by requiring filtering of web page outputs to neutralize malicious scripts before rendering in the victim's browser.
- SI-10 (Information Input Validation): validates user inputs such as crafted URLs to block malicious payloads that could lead to script injection in the WordPress plugin.
- Flaw remediation: mandates timely remediation of the specific flaw in WP24 Domain Check plugin versions through <= 1.10.14 by applying patches or updates.
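The two controls above (output filtering and input validation) and the reflected-XSS mechanism described under "Why these techniques?" are easiest to see side by side. The following is an added example written for this page; it is not code from the wp24-domain-check plugin, from WP24, or from Patchstack, and it does not reproduce the plugin's actual flaw. The request parameter name `domain`, the `render_*` and `validate_domain` function names, and the sample inputs are all assumptions constructed for illustration. It uses plain PHP's `htmlspecialchars()` so that it runs from the command line without WordPress; inside a plugin the WordPress helpers `esc_html()` and `esc_attr()` serve the same purpose.

```php
<?php
// Added example: a generic reflected-XSS pattern (CWE-79) next to its hardened form.
// Not the wp24-domain-check plugin's code; parameter and function names are assumed.

// Constructed sample inputs of the kind a crafted URL's query string could carry.
$samples = [
    'example.com',
    '<script>alert(1)</script>',
    '" onmouseover="alert(1)',
];

// Vulnerable pattern: the request value is written into the HTML response unchanged,
// so anything the URL carries becomes markup in the victim's browser.
function render_vulnerable(string $domain): string {
    return '<p>Result for ' . $domain . '</p>';
}

// Hardened pattern (SI-15, output filtering): encode for the HTML text context at the
// point of output. ENT_QUOTES also encodes quotes; ENT_SUBSTITUTE replaces invalid UTF-8
// instead of returning an empty string. In WordPress, esc_html() does the equivalent.
function render_escaped(string $domain): string {
    $safe = htmlspecialchars($domain, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<p>Result for ' . $safe . '</p>';
}

// Attribute context: the same encoding applies, and the attribute must be quoted,
// otherwise a value like  " onmouseover="...  can break out of it. WordPress: esc_attr().
function render_input_value(string $domain): string {
    $safe = htmlspecialchars($domain, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<input type="text" name="domain" value="' . $safe . '">';
}

// Defence in depth (SI-10, input validation): a domain-check endpoint only ever needs a
// hostname, so reject anything that is not one before it reaches any output path.
// Returns the normalized hostname, or null when the input is not a plausible hostname.
function validate_domain(string $input): ?string {
    $input = trim($input);
    $pattern = '/^(?=.{1,253}$)(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$/i';
    if (!preg_match($pattern, $input)) {
        return null;
    }
    return strtolower($input);
}

// Request handling as a plugin would do it; $get stands in for $_GET so the example
// can be driven from the command line.
function handle_request(array $get): string {
    $raw = isset($get['domain']) ? (string) $get['domain'] : '';
    $domain = validate_domain($raw);
    if ($domain === null) {
        // Reject rather than reflect; nothing from the request is echoed back.
        return '<p>Please enter a valid domain name.</p>';
    }
    return render_escaped($domain) . "\n" . render_input_value($domain);
}

foreach ($samples as $s) {
    echo "input:      {$s}\n";
    echo "vulnerable: " . render_vulnerable($s) . "\n";
    echo "escaped:    " . render_escaped($s) . "\n";
    echo "attribute:  " . render_input_value($s) . "\n";
    echo "handled:    " . str_replace("\n", ' ', handle_request(['domain' => $s])) . "\n\n";
}
```

Run with `php example.php`. For the second and third sample inputs the vulnerable renderer emits live markup, while the escaped and attribute renderers emit `&lt;script&gt;` and `&quot; onmouseover=&quot;` as inert text, and `handle_request()` never echoes the raw value at all because validation rejects it first. The point of keeping both controls is that validation narrows what reaches the page, but only context-aware output encoding guarantees that whatever does reach it cannot become script.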