{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-12410", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-10-28T15:24:27.676Z", "datePublished": "2025-11-04T04:27:15.805Z", "dateUpdated": "2026-04-08T16:46:07.809Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:46:07.809Z"}, "affected": [{"vendor": "samhoamt", "product": "SH Contextual Help", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.2.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The SH Contextual Help plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.1. This is due to missing or incorrect nonce validation in the sh_contextual_help_dashboard_widget() function. This makes it possible for unauthenticated attackers to update the plugin's settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."}], "title": "SH Contextual Help <= 3.2.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/364d6bd8-cdb8-4c99-b610-ba9a3125909e?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/sh-contextual-help/tags/3.2.1/functions.php#L400"}, {"url": "https://plugins.trac.wordpress.org/browser/sh-contextual-help/tags/3.2.1/functions.php#L402"}, {"url": "https://plugins.trac.wordpress.org/browser/sh-contextual-help/tags/3.2.1/functions.php#L417"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-352 Cross-Site Request Forgery (CSRF)", "cweId": "CWE-352", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "baseScore": 6.1, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "JohSka"}], "timeline": [{"time": "2025-11-03T15:38:25.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-11-04T21:01:06.623958Z", "id": "CVE-2025-12410", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-04T21:01:21.541Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-12410", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-11-04T21:01:06.623958Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-04T21:01:10.400Z"}}], "cna": {"title": "SH Contextual Help <= 3.2.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting", "credits": [{"lang": "en", "type": "finder", "value": "JohSka"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}}], "affected": [{"vendor": "samhoamt", "product": "SH Contextual Help", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "3.2.1"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-11-03T15:38:25.000+00:00", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/364d6bd8-cdb8-4c99-b610-ba9a3125909e?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/sh-contextual-help/tags/3.2.1/functions.php#L400"}, {"url": "https://plugins.trac.wordpress.org/browser/sh-contextual-help/tags/3.2.1/functions.php#L402"}, {"url": "https://plugins.trac.wordpress.org/browser/sh-contextual-help/tags/3.2.1/functions.php#L417"}], "descriptions": [{"lang": "en", "value": "The SH Contextual Help plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.1. This is due to missing or incorrect nonce validation in the sh_contextual_help_dashboard_widget() function. This makes it possible for unauthenticated attackers to update the plugin's settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-352", "description": "CWE-352 Cross-Site Request Forgery (CSRF)"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2025-11-04T04:27:15.805Z"}}}, "cveMetadata": {"cveId": "CVE-2025-12410", "state": "PUBLISHED", "dateUpdated": "2025-11-04T21:01:21.541Z", "dateReserved": "2025-10-28T15:24:27.676Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-11-04T04:27:15.805Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The SH Contextual Help plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.1. This is due to missing or incorrect nonce validation in the sh_contextual_help_dashboard_widget() function. This makes it possible for unauthenticated attackers to update the plugin's settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."}], "id": "CVE-2025-12410", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-11-04T05:16:12.953", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/sh-contextual-help/tags/3.2.1/functions.php#L400"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/sh-contextual-help/tags/3.2.1/functions.php#L402"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/sh-contextual-help/tags/3.2.1/functions.php#L417"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/364d6bd8-cdb8-4c99-b610-ba9a3125909e?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-22T11:47:53.641014+00:00", "value": {"mitigation_remediation": ["Update the SH Contextual Help plugin to the latest version (3.2.2 or later).", "If an immediate upgrade is not feasible, disable the plugin or remove its dashboard widget until a fix is applied.", "Restrict editing of dashboard widgets to trusted administrators and monitor admin activity for suspicious requests."], "summary": {"action": "Patch Upgrade", "impact": "CSRF leading to Stored XSS via plugin settings"}, "threat_synthesis": {"affected_systems": "The vulnerability affects the SH Contextual Help plugin version 3.2.1 and all earlier releases, distributed by the vendor Samhoamt. All WordPress sites that have this plugin installed and have not upgraded beyond version 3.2.1 are potentially vulnerable.", "description_and_impact": "The SH Contextual Help plugin for WordPress contains a vulnerability that permits Cross\u2011Site Request Forgery due to missing or incorrect nonce validation in its dashboard widget handling. An unauthenticated attacker can forge a request to update the plugin\u2019s settings, allowing the injection of arbitrary JavaScript. The injected script is stored in the widget data and will execute in the browser of any visitor to the dashboard, resulting in stored cross\u2011site scripting, which can facilitate defacement, credential theft, or session hijack.", "risk_and_exploitability": "The CVSS v3 base score of 6.1 classifies the flaw as moderate. The EPSS score of less than 1% indicates a low current probability of exploit. The vulnerability is not listed in the CISA KEV catalog. Exploitation requires the attacker to persuade a site administrator to perform a specific action, such as clicking a crafted link, making the attack non\u2011automatic and dependent on social engineering. Successful exploitation would grant the attacker stored XSS capabilities, compromising the confidentiality, integrity, and availability of the affected website for all users that view the compromised dashboard widget."}}}}, "created": "2025-11-04T16:33:13.790257+00:00", "updated": "2026-04-22T12:00:05.920242+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress"]}