{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-13071", "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "state": "PUBLISHED", "assignerShortName": "WPScan", "dateReserved": "2025-11-12T14:45:05.083Z", "datePublished": "2025-12-09T06:00:08.538Z", "dateUpdated": "2026-04-02T12:39:53.907Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan", "dateUpdated": "2026-04-02T12:39:53.907Z"}, "title": "Custom Admin Menu <= 1.0.0 - Reflected XSS", "problemTypes": [{"descriptions": [{"description": "CWE-79 Cross-Site Scripting (XSS)", "lang": "en", "type": "CWE"}]}], "affected": [{"vendor": "Unknown", "product": "Custom Admin Menu", "versions": [{"status": "affected", "versionType": "semver", "version": "0", "lessThanOrEqual": "1.0.0"}], "defaultStatus": "unknown"}], "descriptions": [{"lang": "en", "value": "The Custom Admin Menu WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin."}], "references": [{"url": "https://wpscan.com/vulnerability/83c47c58-0395-4224-beaa-2f64ed92ef16/", "tags": ["exploit", "vdb-entry", "technical-description"]}], "credits": [{"lang": "en", "value": "Yousof Nahya", "type": "finder"}, {"lang": "en", "value": "WPScan", "type": "coordinator"}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "WPScan CVE Generator"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-79", "lang": "en", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-12-11T16:45:05.552481Z", "id": "CVE-2025-13071", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-09T20:04:10.476Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-13071", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-12-11T16:45:05.552481Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-11T16:46:02.501Z"}}], "cna": {"title": "Custom Admin Menu <= 1.0.0 - Reflected XSS", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Yousof Nahya"}, {"lang": "en", "type": "coordinator", "value": "WPScan"}], "affected": [{"vendor": "Unknown", "product": "Custom Admin Menu", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.0.0"}], "defaultStatus": "unknown"}], "references": [{"url": "https://wpscan.com/vulnerability/83c47c58-0395-4224-beaa-2f64ed92ef16/", "tags": ["exploit", "vdb-entry", "technical-description"]}], "x_generator": {"engine": "WPScan CVE Generator"}, "descriptions": [{"lang": "en", "value": "The Custom Admin Menu WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "description": "CWE-79 Cross-Site Scripting (XSS)"}]}], "providerMetadata": {"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan", "dateUpdated": "2026-04-02T12:39:53.907Z"}}}, "cveMetadata": {"cveId": "CVE-2025-13071", "state": "PUBLISHED", "dateUpdated": "2026-04-02T12:39:53.907Z", "dateReserved": "2025-11-12T14:45:05.083Z", "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "datePublished": "2025-12-09T06:00:08.538Z", "assignerShortName": "WPScan"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Custom Admin Menu WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin."}], "id": "CVE-2025-13071", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.7, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-12-09T16:17:35.200", "references": [{"source": "contact@wpscan.com", "url": "https://wpscan.com/vulnerability/83c47c58-0395-4224-beaa-2f64ed92ef16/"}], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-28T10:20:26.723153+00:00", "value": {"mitigation_remediation": ["Upgrade the Custom Admin Menu plugin to the latest released version (\u22651.0.1).", "Implement server\u2011side output encoding or input validation for the vulnerable parameter to neutralize any script content, addressing CWE\u201179.", "Deploy a strict Content Security Policy that blocks inline scripts and restricts script sources, reducing the impact of any residual reflected payloads."], "summary": {"action": "Update Plugin", "impact": "Reflected Cross\u2011Site Scripting affecting high\u2011privilege users"}, "threat_synthesis": {"affected_systems": "WordPress sites using the Custom Admin Menu plugin with a version less than or equal to 1.0.0 are affected. No specific version list beyond the cap of 1.0.0 is provided.", "description_and_impact": "The Custom Admin Menu plugin for WordPress releases up to 1.0.0 fails to sanitize and escape a request parameter before echoing it back into the page. This omission creates a reflected XSS vulnerability that can be triggered by an attacker constructing a malicious URL. High\u2011privilege users, such as site administrators, visiting such a URL could have arbitrary scripts executed in their browser session, potentially leading to session hijacking, theft of credentials, or injection of malicious content.", "risk_and_exploitability": "The CVSS score of 7.1 indicates a high severity impact. The EPSS score of <1% suggests that, as of the latest data, the probability of exploitation is low, and the vulnerability is not currently recorded in the CISA KEV catalog. The likely attack vector is a crafted URL accessed by an authenticated administrator; the attacker need not have site access but must lure the admin to the vulnerable link."}}}}, "created": "2025-12-10T17:52:23.802491+00:00", "updated": "2026-04-28T10:30:29.012559+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress"]}