{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-12090", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-10-22T18:31:33.568Z", "datePublished": "2025-11-01T05:40:22.553Z", "dateUpdated": "2026-04-08T16:49:41.328Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:49:41.328Z"}, "affected": [{"vendor": "emarket-design", "product": "Employee Spotlight \u2013 Team Member Showcase & Meet the Team Plugin", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "5.1.2", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Employee Spotlight \u2013 Team Member Showcase & Meet the Team Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Social URLs in all versions up to, and including, 5.1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}], "title": "Employee Spotlight \u2013 Team Member Showcase & Meet the Team Plugin <= 5.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/45d7fe64-c51b-4801-a190-92396e5db27d?source=cve"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3386767%40employee-spotlight&new=3386767%40employee-spotlight&sfp_email=&sfph_mail="}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "cweId": "CWE-79", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "baseScore": 6.4, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Athiwat Tiprasaharn"}], "timeline": [{"time": "2025-10-22T18:46:42.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2025-10-31T16:31:09.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-11-03T13:10:42.467541Z", "id": "CVE-2025-12090", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-03T13:31:21.726Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-12090", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-11-03T13:10:42.467541Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-03T13:10:48.263Z"}}], "cna": {"title": "Employee Spotlight \u2013 Team Member Showcase & Meet the Team Plugin <= 5.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting", "credits": [{"lang": "en", "type": "finder", "value": "Athiwat Tiprasaharn"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N"}}], "affected": [{"vendor": "emarket-design", "product": "Employee Spotlight \u2013 Team Member Showcase & Meet the Team Plugin", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "5.1.2"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-10-22T18:46:42.000Z", "value": "Vendor Notified"}, {"lang": "en", "time": "2025-10-31T16:31:09.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/45d7fe64-c51b-4801-a190-92396e5db27d?source=cve"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3386767%40employee-spotlight&new=3386767%40employee-spotlight&sfp_email=&sfph_mail="}], "descriptions": [{"lang": "en", "value": "The Employee Spotlight \u2013 Team Member Showcase & Meet the Team Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Social URLs in all versions up to, and including, 5.1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:49:41.328Z"}}}, "cveMetadata": {"cveId": "CVE-2025-12090", "state": "PUBLISHED", "dateUpdated": "2026-04-08T16:49:41.328Z", "dateReserved": "2025-10-22T18:31:33.568Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-11-01T05:40:22.553Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Employee Spotlight \u2013 Team Member Showcase & Meet the Team Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Social URLs in all versions up to, and including, 5.1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}], "id": "CVE-2025-12090", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 2.7, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-11-01T06:15:40.340", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3386767%40employee-spotlight&new=3386767%40employee-spotlight&sfp_email=&sfph_mail="}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/45d7fe64-c51b-4801-a190-92396e5db27d?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-22T12:05:12.940591+00:00", "value": {"mitigation_remediation": ["Upgrade the Employee Spotlight plugin to the latest released version that contains the XSS fix.", "If an upgrade cannot be performed immediately, disable the social URL fields in the plugin settings or modify the plugin code to sanitize output, and restrict Contributor+ access to trusted accounts only.", "Conduct a search of all plugin data for injected scripts, remove any malicious payloads, and verify that no de\u2011obfuscated JavaScript remains in posts or pages."], "summary": {"action": "Patch", "impact": "Stored Cross\u2011Site Scripting"}, "threat_synthesis": {"affected_systems": "The vulnerability affects the WordPress plugin \"Employee Spotlight \u2013 Team Member Showcase & Meet the Team\" provided by emarket\u2011design. All plugin versions up to and including 5.1.2 are impacted. An authenticated attacker with Contributor level or higher can perform the exploit.", "description_and_impact": "The Employee Spotlight \u2013 Team Member Showcase & Meet the Team plugin for WordPress is vulnerable to Stored XSS because it fails to properly sanitize and escape data entered in the social URL fields. This weakness, identified as CWE\u201179, allows an attacker to embed malicious scripts that will run in the web browsers of any user who views the affected page, potentially leading to defacement, cookie theft, or session hijacking.", "risk_and_exploitability": "The CVSS score of 6.4 reflects a moderate risk of exploitation. Because the EPSS score is below 1% and the vulnerability is not listed in CISA KEV, the likelihood of widespread immediate exploitation is low, but the attack requires legitimate contributor credentials. Once a malicious script is injected, it executes with the privileges of the browsing user, potentially compromising confidentiality, integrity, and availability of site content."}}}}, "created": "2025-11-03T10:43:46.341255+00:00", "updated": "2026-04-22T12:15:16.046659+00:00", "vendors": ["emarket-design", "emarket-design$PRODUCT$employee_spotlight", "wordpress", "wordpress$PRODUCT$wordpress"]}