{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-3866", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-04-22T14:45:59.286Z", "datePublished": "2025-04-25T06:45:27.032Z", "dateUpdated": "2026-04-08T16:37:46.287Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:37:46.287Z"}, "affected": [{"vendor": "rohanpawale", "product": "Add Google +1 (Plus one) social share Button", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.0.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Add Google +1 (Plus one) social share Button plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.0. This is due to missing or incorrect nonce validation on the google-plus-one-share-button page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."}], "title": "Add Google +1 (Plus one) social share Button <= 1.0.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/190a3b11-c6ca-4666-8c7f-b22bb4a4961d?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/add-google-plus-one-social-share-button/tags/1.0.0/gp_admin_page.php"}, {"url": "https://wordpress.org/plugins/add-google-plus-one-social-share-button/"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "cweId": "CWE-79", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "baseScore": 6.1, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "JohSka"}], "timeline": [{"time": "2025-04-24T18:32:13.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-04-25T15:43:32.166297Z", "id": "CVE-2025-3866", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-25T16:02:19.812Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-3866", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-04-25T15:43:32.166297Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-25T15:43:33.871Z"}}], "cna": {"title": "Add Google +1 (Plus one) social share Button <= 1.0.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting", "credits": [{"lang": "en", "type": "finder", "value": "Johannes Skamletz"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}}], "affected": [{"vendor": "rohanpawale", "product": "Add Google +1 (Plus one) social share Button", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "1.0.0"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-04-24T18:32:13.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/190a3b11-c6ca-4666-8c7f-b22bb4a4961d?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/add-google-plus-one-social-share-button/tags/1.0.0/gp_admin_page.php"}, {"url": "https://wordpress.org/plugins/add-google-plus-one-social-share-button/"}], "descriptions": [{"lang": "en", "value": "The Add Google +1 (Plus one) social share Button plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.0. This is due to missing or incorrect nonce validation on the google-plus-one-share-button page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2025-04-25T06:45:27.032Z"}}}, "cveMetadata": {"cveId": "CVE-2025-3866", "state": "PUBLISHED", "dateUpdated": "2025-04-25T16:02:19.812Z", "dateReserved": "2025-04-22T14:45:59.286Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-04-25T06:45:27.032Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Add Google +1 (Plus one) social share Button plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.0. This is due to missing or incorrect nonce validation on the google-plus-one-share-button page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."}, {"lang": "es", "value": "El complemento Add Google +1 (Plus one) social share Button para WordPress es vulnerable a Cross-Site Request Forgery en todas las versiones hasta la 1.0.0 incluida. Esto se debe a la falta o a una validaci\u00f3n de nonce incorrecta en la p\u00e1gina del bot\u00f3n \"compartir en redes sociales Google +1\". Esto permite que atacantes no autenticados actualicen la configuraci\u00f3n e inyecten scripts web maliciosos mediante una solicitud falsificada, ya que pueden enga\u00f1ar al administrador del sitio para que realice una acci\u00f3n como hacer clic en un enlace."}], "id": "CVE-2025-3866", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-04-25T07:15:48.143", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/add-google-plus-one-social-share-button/tags/1.0.0/gp_admin_page.php"}, {"source": "security@wordfence.com", "url": "https://wordpress.org/plugins/add-google-plus-one-social-share-button/"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/190a3b11-c6ca-4666-8c7f-b22bb4a4961d?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-28T18:56:13.245662+00:00", "value": {"mitigation_remediation": ["Apply the latest plugin release that includes proper nonce validation on the settings page, fixing the stored XSS vulnerability (CWE\u201179).", "If the plugin is not essential, remove or disable it entirely, eliminating the opportunity for stored XSS (CWE\u201179).", "Use a security plugin that enforces CSRF protection on admin forms and sanitizes input before database storage, which mitigates the CWE\u201179 stored XSS flaw."], "summary": {"action": "Update Plugin", "impact": "Stored Cross\u2011Site Scripting via CSRF"}, "threat_synthesis": {"affected_systems": "The issue affects the WordPress plugin Add Google +1 (Plus one) social share Button distributed by the vendor rohanpawale, specifically all releases up to and including version 1.0.0. WordPress sites that have this plugin installed and have not applied an updated release are exposed.", "description_and_impact": "This vulnerability arises from missing or incorrect nonce validation on the Google\u2011plus\u2011one\u2011share\u2011button admin page. An unauthenticated attacker can craft a forged request that updates the plugin\u2019s settings, injecting malicious scripts that are stored and later executed on the site. The result is a stored cross\u2011site scripting flaw that can compromise confidentiality, integrity, and availability of the site and its visitors.", "risk_and_exploitability": "The severity is moderate with a CVSS score of 6.1, and the EPSS indicates a very low exploitation probability (<1%). Though it is not listed in CISA\u2019s KEV catalog, the flaw allows an attacker to execute a CSRF attack that results in stored XSS, provided they can persuade an administrator to trigger the forged request. The risk is contingent on whether the site\u2019s users interact with the compromised plugin settings page and whether stored scripts are rendered in public pages."}}}}, "created": "2025-07-12T15:42:46.171743+00:00", "updated": "2026-04-28T19:00:20.873446+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress"]}