{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-11992", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-10-20T19:56:30.327Z", "datePublished": "2025-10-24T08:23:56.593Z", "dateUpdated": "2026-04-08T16:36:51.759Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:36:51.759Z"}, "affected": [{"vendor": "cnaveenkumar", "product": "Multi Item Responsive Slider", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Multi Item Responsive Slider plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the 'mioptions.php' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."}], "title": "Multi Item Responsive Slider <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/14c24bff-91a1-402a-a9d1-a1a7800db62f?source=cve"}, {"url": "https://plugins.svn.wordpress.org/mislider/trunk/mioptions.php"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)", "cweId": "CWE-80", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "baseScore": 6.1, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Muhammad Yudha - DJ"}], "timeline": [{"time": "2025-10-23T20:09:57.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-10-24T16:46:42.485597Z", "id": "CVE-2025-11992", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-24T16:46:52.774Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-11992", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-10-24T16:46:42.485597Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-24T16:46:47.620Z"}}], "cna": {"title": "Multi Item Responsive Slider <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting", "credits": [{"lang": "en", "type": "finder", "value": "Muhammad Yudha - DJ"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}}], "affected": [{"vendor": "cnaveenkumar", "product": "Multi Item Responsive Slider", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.0"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-10-23T20:09:57.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/14c24bff-91a1-402a-a9d1-a1a7800db62f?source=cve"}, {"url": "https://plugins.svn.wordpress.org/mislider/trunk/mioptions.php"}], "descriptions": [{"lang": "en", "value": "The Multi Item Responsive Slider plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the 'mioptions.php' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-80", "description": "CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:36:51.759Z"}}}, "cveMetadata": {"cveId": "CVE-2025-11992", "state": "PUBLISHED", "dateUpdated": "2026-04-08T16:36:51.759Z", "dateReserved": "2025-10-20T19:56:30.327Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-10-24T08:23:56.593Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Multi Item Responsive Slider plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the 'mioptions.php' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."}], "id": "CVE-2025-11992", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-10-24T09:15:43.547", "references": [{"source": "security@wordfence.com", "url": "https://plugins.svn.wordpress.org/mislider/trunk/mioptions.php"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/14c24bff-91a1-402a-a9d1-a1a7800db62f?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-80"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-28T10:36:18.608667+00:00", "value": {"mitigation_remediation": ["Upgrade the Multi Item Responsive Slider plugin to a version newer than 1.0 or remove the plugin if no newer release exists.", "Block unauthenticated access to mioptions.php by configuring the web server (for example, with an .htaccess rule) or by applying a firewall rule to deny such requests.", "Ensure that all administrator accounts use strong authentication and, when possible, enable two\u2011factor authentication to reduce the likelihood of accidental or malicious click\u2011through to CSRF URLs."], "summary": {"action": "Apply Patch", "impact": "Stored Cross\u2011Site Scripting via Cross\u2011Site Request Forgery"}, "threat_synthesis": {"affected_systems": "All releases of the Multi Item Responsive Slider plugin up to and including version 1.0 are vulnerable. Any WordPress installation that has this plugin installed with a version in that range, and where an administrator account has the ability to visit the mioptions.php page, will be affected. Sites that have upgraded beyond 1.0 or that have removed the plugin are no longer at risk.", "description_and_impact": "The Multi Item Responsive Slider WordPress plugin contains a Cross\u2011Site Request Forgery flaw caused by missing or incorrect nonce validation on the mioptions.php page. An unauthenticated attacker can craft a malicious link that, when followed by a site administrator using an authenticated session, causes the server to process a forged request that updates plugin settings. This update can embed malicious JavaScript, resulting in stored Cross\u2011Site Scripting that will execute in the browsers of all visitors to the site.", "risk_and_exploitability": "The CVSS score of 6.1 indicates a moderate severity vulnerability. The EPSS score of less than 1\u202f% shows that current exploitation activity is very low, and the vulnerability is not listed in CISA\u2019s KEV catalog. Exploitation requires an attacker to entice an administrator into clicking a crafted URL; once that condition is met, the CSRF request is executed and the malicious script stored. While the immediate threat is bounded by the need for social engineering, the resulting stored XSS can lead to session hijacking, credential theft, or other downstream attacks against site users."}}}}, "created": "2025-10-27T22:13:21.099606+00:00", "updated": "2026-04-28T10:45:29.416813+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress"]}