CVE-2025-31569
Published: 31 March 2025
Summary
CVE-2025-31569 is a high-severity CSRF (CWE-352) vulnerability. Its CVSS base score is 7.1 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 44.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SC-23 (Session Authenticity) and SI-10 (Information Input Validation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Enforces session authenticity mechanisms like CSRF tokens, directly preventing unauthenticated attackers from tricking users into submitting requests that store XSS payloads in the plugin.
Requires validation of all inputs to the plugin, blocking malicious XSS payloads from being stored via the CSRF vector.
Filters information outputs from the plugin, neutralizing any stored XSS payloads before execution in users' browsers.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Vulnerability in public-facing WordPress plugin enables T1190 exploitation; CSRF requires crafted malicious link (T1204.001) to store XSS payload; stored XSS facilitates JavaScript execution in visitor browsers (T1059.007).
NVD Description
Cross-Site Request Forgery (CSRF) vulnerability in wp-buy wordpress related Posts with thumbnails related-posts-list-grid-and-slider-all-in-one allows Stored XSS.This issue affects wordpress related Posts with thumbnails: from n/a through <= 3.0.0.1.
Deeper analysisAI
CVE-2025-31569 is a Cross-Site Request Forgery (CSRF) vulnerability, classified under CWE-352, in the WordPress plugin "related Posts with thumbnails" (related-posts-list-grid-and-slider-all-in-one). This flaw allows for Stored XSS and affects all versions from n/a through 3.0.0.1. The vulnerability was published on 2025-03-31 and carries a CVSS v3.1 base score of 7.1 (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L), indicating high severity due to network accessibility, low complexity, no required privileges, and changed scope.
Unauthenticated attackers can exploit this vulnerability remotely by tricking authenticated users into submitting malicious requests via CSRF, leading to the storage of XSS payloads on the site. Exploitation requires user interaction, such as clicking a crafted link, but once successful, the stored XSS can execute in the context of other site visitors, resulting in low-level impacts to confidentiality, integrity, and availability across the changed scope.
Patchstack provides detailed advisory information on the vulnerability, including analysis of the CSRF-to-Stored XSS chain in the affected plugin versions, accessible at https://patchstack.com/database/Wordpress/Plugin/related-posts-list-grid-and-slider-all-in-one/vulnerability/wordpress-wordpress-related-posts-with-thumbnails-plugin-3-0-0-1-csrf-to-stored-xss-vulnerability?_s_id=cve. Practitioners should consult this reference for recommended patches and mitigation guidance.
Details
- CWE(s)