Login Sign Up

CVE-2025-12705

7.2 HIGH
Cross-Site Scripting

📋 TL;DR

This vulnerability allows unauthenticated attackers to inject malicious scripts into WordPress pages using the Social Reviews & Recommendations plugin. When users visit compromised pages, the scripts execute in their browsers, potentially stealing credentials or performing unauthorized actions. All WordPress sites using this plugin up to version 2.5 are affected.

💻 Affected Systems

Products:
  • Social Reviews & Recommendations WordPress plugin
Versions: All versions up to and including 2.5
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability affects the 'trim_text' function parameters. WordPress sites with this plugin enabled are vulnerable regardless of configuration.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).

🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.

Recommended Actions:
  1. Review the CVE details at NVD
  2. Check vendor security advisories for your specific version
  3. Test if the vulnerability is exploitable in your environment
  4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could steal administrator credentials, take over the WordPress site, install backdoors, or redirect users to malicious sites, leading to complete site compromise and data theft.

🟠

Likely Case

Attackers inject malicious JavaScript to steal user session cookies, perform actions on behalf of users, or deface website content.

🟢

If Mitigated

With proper web application firewalls and content security policies, script execution could be blocked, limiting impact to defacement or minor data leakage.

🌐 Internet-Facing: HIGH
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Stored XSS vulnerabilities are commonly exploited. The unauthenticated nature and low complexity make weaponization likely, though no public proof-of-concept is confirmed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version after 2.5

Vendor Advisory: https://plugins.trac.wordpress.org/changeset/3406362/

Restart Required: No

Instructions:

1. Log into WordPress admin panel. 2. Navigate to Plugins → Installed Plugins. 3. Find 'Social Reviews & Recommendations'. 4. Click 'Update Now' if available. 5. If no update appears, manually download latest version from WordPress repository and replace plugin files.

🔧 Temporary Workarounds

Disable vulnerable plugin

all

Temporarily deactivate the Social Reviews & Recommendations plugin until patched.

wp plugin deactivate fb-reviews-widget

Implement Content Security Policy

all

Add CSP headers to block inline script execution and restrict script sources.

Add to .htaccess: Header set Content-Security-Policy "default-src 'self'; script-src 'self'"
Add to nginx config: add_header Content-Security-Policy "default-src 'self'; script-src 'self'";

🧯 If You Can't Patch

  • Implement a web application firewall (WAF) with XSS protection rules to block malicious payloads.
  • Disable the plugin entirely and remove it from the WordPress installation.

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel → Plugins → Installed Plugins for 'Social Reviews & Recommendations'. If version is 2.5 or lower, the site is vulnerable.

Check Version:

wp plugin get fb-reviews-widget --field=version

Verify Fix Applied:

After updating, verify plugin version is higher than 2.5 in WordPress admin panel. Test by attempting to inject script payloads into plugin parameters.

📡 Detection & Monitoring

Log Indicators:

  • Unusual POST requests to WordPress admin-ajax.php with script tags in parameters
  • Multiple failed XSS attempts in web server logs
  • Unexpected JavaScript in database entries for plugin content

Network Indicators:

  • Outbound connections to suspicious domains from WordPress site
  • Unexpected script loads in page responses

SIEM Query:

source="web_server_logs" AND ("<script" OR "javascript:" OR "onerror=" OR "onload=") AND uri_path="/wp-admin/admin-ajax.php"

📊 Metadata

CVE ID: CVE-2025-12705
CVSS v3 Score: 7.2 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
CWE: CWE-79
EPSS Score: 0.2% exploit probability (41.8th percentile)
Published: December 9, 2025
Last Updated: December 9, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-12705, you might also want to check these:

CVE-2021-39199 10.0

CVE-2021-39199 is a critical cross-site scripting (XSS) vulnerability in the remark-html Node.js lib...

Same vulnerability type (CWE-79)
CVE-2021-32671 10.0

This vulnerability in Flarum forum software allows attackers to inject malicious HTML/JavaScript int...

Same vulnerability type (CWE-79)
CVE-2021-32798 10.0

CVE-2021-32798 is a critical vulnerability in Jupyter Notebook that allows malicious notebook files ...

Same vulnerability type (CWE-79)