CVE-2025-23502
📋 TL;DR
A Cross-Site Request Forgery (CSRF) vulnerability in the NotFound Curated Search WordPress plugin allows attackers to inject malicious scripts that become stored cross-site scripting (XSS). This affects WordPress sites using the Curated Search plugin version 1.2 and earlier. Attackers can exploit this to execute arbitrary JavaScript in victims' browsers.
💻 Affected Systems
- WordPress Curated Search Plugin
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Attackers could inject malicious JavaScript that steals administrator credentials, redirects users to malicious sites, or performs actions on behalf of authenticated users, potentially leading to complete site compromise.
Likely Case
Attackers trick authenticated users into clicking malicious links that modify plugin settings to inject malicious scripts, affecting all visitors to the compromised pages.
If Mitigated
With proper CSRF protections and content security policies, the attack surface is reduced, though the vulnerability remains present in vulnerable versions.
🎯 Exploit Status
Exploitation requires tricking an authenticated user (with plugin access) to click a malicious link. The vulnerability chain (CSRF to Stored XSS) is well-documented.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.3 or later
Restart Required: No
Instructions:
1. Log into WordPress admin panel. 2. Navigate to Plugins > Installed Plugins. 3. Find 'Curated Search' and click 'Update Now' if available. 4. If no update appears, manually download version 1.3+ from WordPress.org and replace the plugin files via FTP/SFTP.
🔧 Temporary Workarounds
Disable Plugin
allTemporarily deactivate the Curated Search plugin until patched.
wp plugin deactivate curated-search
Implement CSRF Tokens
allAdd CSRF protection to plugin forms if custom patching is possible.
🧯 If You Can't Patch
- Restrict plugin access to trusted administrators only using role-based controls.
- Implement a Web Application Firewall (WAF) with CSRF and XSS protection rules.
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin > Plugins > Installed Plugins for 'Curated Search' version. If version is 1.2 or earlier, the site is vulnerable.Check Version:
wp plugin get curated-search --field=versionVerify Fix Applied:
After update, verify the plugin version shows 1.3 or later in WordPress admin.📡 Detection & Monitoring
Log Indicators:
- Unusual POST requests to Curated Search admin endpoints without referrer headers
- JavaScript injection in plugin settings or database entries
Network Indicators:
- HTTP requests with suspicious parameters to /wp-admin/admin.php?page=curated-search
SIEM Query:
source="wordpress" AND (uri_path="/wp-admin/admin.php" AND query="page=curated-search") AND http_method="POST"