{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-2577", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-03-20T21:34:10.939Z", "datePublished": "2025-03-22T11:18:39.536Z", "dateUpdated": "2026-04-08T16:40:43.626Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:40:43.626Z"}, "affected": [{"vendor": "bitspecter", "product": "Bitspecter Suite", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.0.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Bitspecter Suite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file."}], "title": "Bitspecter Suite <= 1.0.0 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1e0f35be-fbd1-4063-a1c8-a8e4398d8f0a?source=cve"}, {"url": "https://plugins.svn.wordpress.org/bitspecter-suite/trunk/includes/Hardening/BitspecterSuiteHardening.php"}, {"url": "https://wordpress.org/plugins/bitspecter-suite/#developers"}, {"url": "https://plugins.trac.wordpress.org/changeset/3259470/"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "cweId": "CWE-79", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "baseScore": 6.4, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Avraham Shemesh"}], "timeline": [{"time": "2025-03-21T22:14:30.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-04-01T16:23:33.853724Z", "id": "CVE-2025-2577", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-01T16:23:45.444Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-2577", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-04-01T16:23:33.853724Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-01T16:23:41.076Z"}}], "cna": {"title": "Bitspecter Suite <= 1.0.0 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload", "credits": [{"lang": "en", "type": "finder", "value": "Avraham Shemesh"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N"}}], "affected": [{"vendor": "bitspecter", "product": "Bitspecter Suite", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.0.0"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-03-21T22:14:30.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1e0f35be-fbd1-4063-a1c8-a8e4398d8f0a?source=cve"}, {"url": "https://plugins.svn.wordpress.org/bitspecter-suite/trunk/includes/Hardening/BitspecterSuiteHardening.php"}, {"url": "https://wordpress.org/plugins/bitspecter-suite/#developers"}, {"url": "https://plugins.trac.wordpress.org/changeset/3259470/"}], "descriptions": [{"lang": "en", "value": "The Bitspecter Suite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:40:43.626Z"}}}, "cveMetadata": {"cveId": "CVE-2025-2577", "state": "PUBLISHED", "dateUpdated": "2026-04-08T16:40:43.626Z", "dateReserved": "2025-03-20T21:34:10.939Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-03-22T11:18:39.536Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Bitspecter Suite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file."}, {"lang": "es", "value": "El complemento Bitspecter Suite para WordPress es vulnerable a Cross-Site Scripting almacenado al subir archivos SVG en todas las versiones hasta la 1.0.0 incluida, debido a una depuraci\u00f3n de entrada y al escape de salida insuficiente. Esto permite a atacantes autenticados, con acceso de autor o superior, inyectar scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n al acceder un usuario al archivo SVG."}], "id": "CVE-2025-2577", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 2.7, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-03-22T12:15:27.013", "references": [{"source": "security@wordfence.com", "url": "https://plugins.svn.wordpress.org/bitspecter-suite/trunk/includes/Hardening/BitspecterSuiteHardening.php"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset/3259470/"}, {"source": "security@wordfence.com", "url": "https://wordpress.org/plugins/bitspecter-suite/#developers"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1e0f35be-fbd1-4063-a1c8-a8e4398d8f0a?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-22T17:44:44.493214+00:00", "value": {"mitigation_remediation": ["Update Bitspecter Suite to the latest version that removes the SVG upload flaw. This is the primary remediation offered by the vendor.", "If an update is not yet available, disable SVG uploads in the plugin or use a security plugin to block SVG mime types from being uploaded. This eliminates the attack surface exposed by the vulnerable feature.", "Apply additional output filtering or content security policy on the WordPress site to mitigate any residual XSS risk from other potential sources."], "summary": {"action": "Patch", "impact": "Stored Cross\u2011Site Scripting"}, "threat_synthesis": {"affected_systems": "Any WordPress installation using Bitspecter Suite versions 1.0.0 or earlier is affected. The vulnerability exists in the plugin code shipped with these releases and can be triggered on any site where the plugin is active and allows SVG uploads.", "description_and_impact": "The Bitspecter Suite plugin for WordPress has a Stored XSS flaw caused by inadequate input sanitization and output escaping when handling SVG file uploads. An authenticated attacker with Author or higher privileges can embed malicious JavaScript that will run in the browsers of any user who accesses the affected SVG file, compromising confidentiality and data integrity on the site.", "risk_and_exploitability": "The advisory assigns a CVSS score of 6.4, indicating moderate severity, and the EPSS score is listed as < 1%, implying a low likelihood of exploitation. The flaw is not catalogued in CISA KEV. Exploitation requires authenticated access with Author level and involves uploading a crafted SVG file that persists in the site's media library, making it a realistic threat for sites with broad author permissions but unlikely to be widely abused due to the low EPSS."}}}}, "created": "2025-07-13T21:07:06.220245+00:00", "updated": "2026-04-22T17:45:22.927938+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress"]}