{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-14312", "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "state": "PUBLISHED", "assignerShortName": "WPScan", "dateReserved": "2025-12-09T08:23:14.741Z", "datePublished": "2025-12-30T06:00:03.998Z", "dateUpdated": "2026-04-02T12:39:54.274Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan", "dateUpdated": "2026-04-02T12:39:54.274Z"}, "title": "Advance WP Query Search Filter <= 1.0.10 - Reflected XSS via counter", "problemTypes": [{"descriptions": [{"description": "CWE-79 Cross-Site Scripting (XSS)", "lang": "en", "type": "CWE"}]}], "affected": [{"vendor": "Unknown", "product": "Advance WP Query Search Filter", "versions": [{"status": "affected", "versionType": "semver", "version": "0", "lessThanOrEqual": "1.0.10"}], "defaultStatus": "unknown"}], "descriptions": [{"lang": "en", "value": "The Advance WP Query Search Filter WordPress plugin through 1.0.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin"}], "references": [{"url": "https://wpscan.com/vulnerability/f06f982b-108b-4fc1-ad48-2f890a06ecf0/", "tags": ["exploit", "vdb-entry", "technical-description"]}], "credits": [{"lang": "en", "value": "Yevgen Goncharuk", "type": "finder"}, {"lang": "en", "value": "WPScan", "type": "coordinator"}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "WPScan CVE Generator"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-12-30T15:58:45.572852Z", "id": "CVE-2025-14312", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-30T15:59:06.324Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-14312", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-12-30T15:58:45.572852Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-30T15:59:00.537Z"}}], "cna": {"title": "Advance WP Query Search Filter <= 1.0.10 - Reflected XSS via counter", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Yevgen Goncharuk"}, {"lang": "en", "type": "coordinator", "value": "WPScan"}], "affected": [{"vendor": "Unknown", "product": "Advance WP Query Search Filter", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.0.10"}], "defaultStatus": "unknown"}], "references": [{"url": "https://wpscan.com/vulnerability/f06f982b-108b-4fc1-ad48-2f890a06ecf0/", "tags": ["exploit", "vdb-entry", "technical-description"]}], "x_generator": {"engine": "WPScan CVE Generator"}, "descriptions": [{"lang": "en", "value": "The Advance WP Query Search Filter WordPress plugin through 1.0.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "description": "CWE-79 Cross-Site Scripting (XSS)"}]}], "providerMetadata": {"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan", "dateUpdated": "2026-04-02T12:39:54.274Z"}}}, "cveMetadata": {"cveId": "CVE-2025-14312", "state": "PUBLISHED", "dateUpdated": "2026-04-02T12:39:54.274Z", "dateReserved": "2025-12-09T08:23:14.741Z", "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "datePublished": "2025-12-30T06:00:03.998Z", "assignerShortName": "WPScan"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Advance WP Query Search Filter WordPress plugin through 1.0.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin"}], "id": "CVE-2025-14312", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-12-30T06:15:39.973", "references": [{"source": "contact@wpscan.com", "url": "https://wpscan.com/vulnerability/f06f982b-108b-4fc1-ad48-2f890a06ecf0/"}], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Deferred"}

{}

{"analysis": {"en": {"generated_at": "2026-04-28T10:06:31.751602+00:00", "value": {"mitigation_remediation": ["Upgrade the Advance WP Query Search Filter plugin to the latest version that implements proper input sanitization. ", "Restrict the use of the query filter feature for users with administrative privileges until the fix is applied. ", "Ensure all user\u2011supplied data is passed through WordPress escaping functions such as esc_html() before being output to the page to mitigate the underlying input validation weakness."], "summary": {"action": "Patch", "impact": "Reflected XSS"}, "threat_synthesis": {"affected_systems": "WordPress installations using the Advance WP Query Search Filter plugin up to and including version 1.0.10 are affected.", "description_and_impact": "The Advance WP Query Search Filter WordPress plugin version 1.0.10 and earlier contains an unsanitized and unescaped parameter that is echoed back in the page. This flaw allows a malicious user to inject JavaScript that executes in the context of privileged users such as administrators, compromising the confidentiality and integrity of the site. The weakness is a classic reflected cross\u2011site scripting flaw and corresponds to CWE\u201179.", "risk_and_exploitability": "The CVSS score of 6.1 indicates moderate severity, while the EPSS score of less than 1% suggests low likelihood of exploitation at present. The vulnerability is not listed in the CISA KEV catalog. Attackers would need to craft a URL containing the vulnerable counter parameter and have the target high\u2011privilege user visit it. Once the script runs, the attacker could deface the site, steal session cookies, or perform other malicious actions within the user\u2019s session."}}}}, "created": "2026-01-05T10:22:41.234439+00:00", "updated": "2026-04-28T10:15:28.850366+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress"], "weaknesses": ["CWE-79"]}