CVE-2025-67622 – This vulnerability in the Evergreen Post Tweete... (How to Fix)

Q: What is the severity of CVE-2025-67622?

CVE-2025-67622 has a CVSS score of 8.8 (HIGH). This vulnerability in the Evergreen Post Tweeter WordPress plugin allows attackers to perform Cross-Site Request Forgery (CSRF) attacks that lead to Stored Cross-Site Scripting (XSS). Attackers can trick authenticated administrators into executing malicious actions that inject persistent scripts into WordPress sites. All WordPress sites using vulnerable versions of this plugin are affected.

📋 TL;DR

This vulnerability in the Evergreen Post Tweeter WordPress plugin allows attackers to perform Cross-Site Request Forgery (CSRF) attacks that lead to Stored Cross-Site Scripting (XSS). Attackers can trick authenticated administrators into executing malicious actions that inject persistent scripts into WordPress sites. All WordPress sites using vulnerable versions of this plugin are affected.

💻 Affected Systems

Products:

Evergreen Post Tweeter WordPress Plugin

Versions: All versions up to and including 1.8.9

Operating Systems: All operating systems running WordPress

Default Config Vulnerable: ⚠️ Yes

Notes: Requires WordPress installation with the vulnerable plugin activated.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).

🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.

Recommended Actions:

Review the CVE details at NVD
Check vendor security advisories for your specific version
Test if the vulnerability is exploitable in your environment
Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete site takeover through admin account compromise, data theft, malware distribution to visitors, and defacement.

🟠

Likely Case

Site defacement, cookie theft from administrators, and redirection of visitors to malicious sites.

🟢

If Mitigated

Limited impact with proper CSRF tokens and XSS filtering in place.

🌐 Internet-Facing: HIGH

🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: LIKELY

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploitation requires tricking an authenticated administrator into clicking a malicious link.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.9.0 or later

Vendor Advisory: https://patchstack.com/database/Wordpress/Plugin/evergreen-post-tweeter/vulnerability/wordpress-evergreen-post-tweeter-plugin-1-8-9-cross-site-request-forgery-csrf-to-stored-xss-vulnerability?_s_id=cve

Restart Required: No

Instructions:

1. Log into WordPress admin panel. 2. Navigate to Plugins > Installed Plugins. 3. Find Evergreen Post Tweeter. 4. Click 'Update Now' if available. 5. Alternatively, download version 1.9.0+ from WordPress repository and manually update.

🔧 Temporary Workarounds

Disable Plugin

all

Temporarily disable the vulnerable plugin until patched.

wp plugin deactivate evergreen-post-tweeter

Implement CSRF Protection

all

Add CSRF tokens to WordPress forms using security plugins.

🧯 If You Can't Patch

Restrict plugin access to trusted administrators only
Implement web application firewall with CSRF and XSS protection rules

🔍 How to Verify

Check if Vulnerable:

Check plugin version in WordPress admin under Plugins > Installed Plugins.

Check Version:

wp plugin get evergreen-post-tweeter --field=version

Verify Fix Applied:

Confirm plugin version is 1.9.0 or higher after update.

📡 Detection & Monitoring

Log Indicators:

Unusual POST requests to plugin endpoints
Unexpected script tags in post content

Network Indicators:

CSRF attack patterns in web server logs
Malicious iframe or script injections

SIEM Query:

source="wordpress.log" AND "evergreen-post-tweeter" AND ("POST" OR "script")

📊 Metadata

CVE ID: CVE-2025-67622

CVSS v3 Score: 8.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE: CWE-352

EPSS Score: 0.02% exploit probability (4.9th percentile)

Published: December 24, 2025

Last Updated: January 20, 2026

🔗 References

https://patchstack.com/database/Wordpress/Plugin/evergreen-post-tweeter/vulnerability/wordpress-evergreen-post-tweeter-plugin-1-8-9-cross-site-request-forgery-csrf-to-stored-xss-vulnerability?_s_id=cve

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-67622, you might also want to check these: