CVE-2025-14063
📋 TL;DR
The SEO Links Interlinking WordPress plugin contains a reflected cross-site scripting (XSS) vulnerability in the 'google_error' parameter. Unauthenticated attackers can inject malicious scripts that execute when users click specially crafted links. All WordPress sites using this plugin up to version 1.7.5 are affected.
💻 Affected Systems
- SEO Links Interlinking WordPress Plugin
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Attackers could steal session cookies, redirect users to malicious sites, or perform actions on behalf of authenticated users if they trick administrators into clicking malicious links.
Likely Case
Attackers create phishing campaigns with malicious links that execute scripts in victims' browsers, potentially stealing session data or displaying fake login forms.
If Mitigated
With proper Content Security Policy headers and user awareness training, impact is limited to individual user sessions rather than full site compromise.
🎯 Exploit Status
Reflected XSS vulnerabilities are commonly exploited via phishing campaigns. No public exploit code is needed as the vulnerability is straightforward to weaponize.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check WordPress plugin repository for version > 1.7.5
Vendor Advisory: https://wordpress.org/plugins/seo-links-interlinking/
Restart Required: No
Instructions:
1. Log into WordPress admin panel. 2. Navigate to Plugins → Installed Plugins. 3. Find 'SEO Links Interlinking' and check for updates. 4. If update is available, click 'Update Now'. 5. If no update is available, disable or remove the plugin.
🔧 Temporary Workarounds
Disable Plugin
allTemporarily disable the vulnerable plugin until patched version is available
wp plugin deactivate seo-links-interlinking
Web Application Firewall Rule
allBlock requests containing malicious script patterns in the google_error parameter
🧯 If You Can't Patch
- Implement Content Security Policy headers to restrict script execution
- Use web application firewall to filter malicious requests containing script tags
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin panel → Plugins → Installed Plugins for SEO Links Interlinking version ≤ 1.7.5Check Version:
wp plugin get seo-links-interlinking --field=versionVerify Fix Applied:
Verify plugin version is > 1.7.5 or plugin is disabled/removed📡 Detection & Monitoring
Log Indicators:
- HTTP requests containing 'google_error' parameter with script tags or JavaScript code
- Unusual referrer patterns in access logs
Network Indicators:
- Outbound connections to suspicious domains following visits to pages with google_error parameter
SIEM Query:
source="web_access_logs" AND uri_query="*google_error=*script*"🔗 References
- https://plugins.trac.wordpress.org/browser/seo-links-interlinking/tags/1.7.5/scdata.php#L504
- https://plugins.trac.wordpress.org/browser/seo-links-interlinking/tags/1.7.5/scdata.php#L512
- https://plugins.trac.wordpress.org/browser/seo-links-interlinking/trunk/scdata.php#L504
- https://plugins.trac.wordpress.org/browser/seo-links-interlinking/trunk/scdata.php#L512
- https://wordpress.org/plugins/seo-links-interlinking/
- https://www.wordfence.com/threat-intel/vulnerabilities/id/d71143d6-d477-4a63-8f99-f4cc8a590536?source=cve
