{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-11926", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-10-17T20:29:26.584Z", "datePublished": "2025-10-18T09:25:31.949Z", "dateUpdated": "2026-04-08T16:55:57.992Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:55:57.992Z"}, "affected": [{"vendor": "wpdreams", "product": "Related Posts Lite", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.12", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Related Posts Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled."}], "title": "Related Posts Lite <= 1.12 - Authenticated (Admin+) Stored Cross-Site Scripting", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5dadd49c-33b2-43d8-a6a9-64a3c37c4b52?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/related-posts-lite/tags/1.12/"}, {"url": "https://wordpress.org/plugins/related-posts-lite/?utm_source=chatgpt.com"}, {"url": "https://github.com/prabhatverma47/Wordpress-Related-Posts-Lite-plugin-XSS-PoC?utm_source=chatgpt.com"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "cweId": "CWE-79", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N", "baseScore": 4.4, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Prabhat Verma"}], "timeline": [{"time": "2025-10-17T20:44:34.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2025-10-17T00:00:00.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-10-20T16:54:53.012412Z", "id": "CVE-2025-11926", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-20T16:55:27.944Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-11926", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-10-20T16:54:53.012412Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-20T16:55:21.716Z"}}], "cna": {"title": "Related Posts Lite <= 1.12 - Authenticated (Admin+) Stored Cross-Site Scripting", "credits": [{"lang": "en", "type": "finder", "value": "Prabhat Verma"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N"}}], "affected": [{"vendor": "wpdreams", "product": "Related Posts Lite", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.12"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-10-17T20:44:34.000Z", "value": "Vendor Notified"}, {"lang": "en", "time": "2025-10-17T00:00:00.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5dadd49c-33b2-43d8-a6a9-64a3c37c4b52?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/related-posts-lite/tags/1.12/"}, {"url": "https://wordpress.org/plugins/related-posts-lite/?utm_source=chatgpt.com"}, {"url": "https://github.com/prabhatverma47/Wordpress-Related-Posts-Lite-plugin-XSS-PoC?utm_source=chatgpt.com"}], "descriptions": [{"lang": "en", "value": "The Related Posts Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:55:57.992Z"}}}, "cveMetadata": {"cveId": "CVE-2025-11926", "state": "PUBLISHED", "dateUpdated": "2026-04-08T16:55:57.992Z", "dateReserved": "2025-10-17T20:29:26.584Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-10-18T09:25:31.949Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Related Posts Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled."}], "id": "CVE-2025-11926", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.3, "impactScore": 2.7, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-10-18T10:15:38.883", "references": [{"source": "security@wordfence.com", "url": "https://github.com/prabhatverma47/Wordpress-Related-Posts-Lite-plugin-XSS-PoC?utm_source=chatgpt.com"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/related-posts-lite/tags/1.12/"}, {"source": "security@wordfence.com", "url": "https://wordpress.org/plugins/related-posts-lite/?utm_source=chatgpt.com"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5dadd49c-33b2-43d8-a6a9-64a3c37c4b52?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-22T16:48:02.001295+00:00", "value": {"mitigation_remediation": ["Upgrade Related Posts Lite to the latest version (or apply the vendor patch if available).", "If an upgrade is not possible, remove or disable the plugin on multisite installations or sites where unfiltered_html is disabled.", "Restrict administrator\u2011level permissions to only trusted users and consider disabling the unfiltered_html capability to limit script injection."], "summary": {"action": "Apply Patch", "impact": "Stored Cross\u2011Site Scripting"}, "threat_synthesis": {"affected_systems": "WordPress installations running any version of Related Posts Lite 1.12 or earlier. The issue is exploitable only on network\u2011wide (multi\u2011site) blogs or on sites where the unfiltered_html capability has been disabled for ordinary administrators, meaning environments that restrict raw HTML input are at risk.", "description_and_impact": "The flaw in the Related Posts Lite plugin allows an authenticated administrator to insert arbitrary scripts into the plugin\u2019s settings. When a page that uses the affected settings is rendered, the stored script is executed in the victim\u2019s browser, leading to the typical outcomes of a stored XSS vulnerability\u2014session hijacking, defacement, or phishing of other site users. The potential use of the injected code for credential theft, site defacement, or phishing is inferred from the nature of stored XSS and the description of arbitrary script execution, rather than stated explicitly in the advisory.", "risk_and_exploitability": "The CVSS score of 4.4 classifies the vulnerability as moderate, and the EPSS score of less than 1\u202f% indicates a very low likelihood of exploitation at present. The vulnerability is not present in the CISA KEV catalog. Exploitation requires an attacker to first log in as an administrator or higher, after which the payload can be stored in the plugin\u2019s settings and subsequently delivered to any site visitor."}}}}, "created": "2025-10-20T13:21:34.451112+00:00", "updated": "2026-04-22T17:00:12.307922+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress", "wpdreams", "wpdreams$PRODUCT$related_posts_lite"]}