{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-5767", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-06-05T22:31:37.811Z", "datePublished": "2025-07-18T05:23:59.515Z", "dateUpdated": "2026-04-08T17:13:16.375Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:13:16.375Z"}, "affected": [{"vendor": "wpwham", "product": "Crowdfunding for WooCommerce", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.1.14", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Crowdfunding for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018width\u2019 parameter in all versions up to, and including, 3.1.14 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}], "title": "Crowdfunding for WooCommerce <= 3.1.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via width Parameter", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a576f39e-42de-4881-a490-000850ea1d2d?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/crowdfunding-for-woocommerce/trunk/includes/shortcodes/class-wc-crowdfunding-shortcodes-progress-bar.php#L106"}, {"url": "https://wordpress.org/plugins/crowdfunding-for-woocommerce/#developers"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "cweId": "CWE-79", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "baseScore": 6.4, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Peter Thaleikis"}], "timeline": [{"time": "2025-07-17T16:28:34.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-07-18T14:14:57.590787Z", "id": "CVE-2025-5767", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-18T14:23:43.724Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-5767", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-07-18T14:14:57.590787Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-18T14:23:28.671Z"}}], "cna": {"title": "Crowdfunding for WooCommerce <= 3.1.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via width Parameter", "credits": [{"lang": "en", "type": "finder", "value": "Peter Thaleikis"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N"}}], "affected": [{"vendor": "wpwham", "product": "Crowdfunding for WooCommerce", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "3.1.14"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-07-17T16:28:34.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a576f39e-42de-4881-a490-000850ea1d2d?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/crowdfunding-for-woocommerce/trunk/includes/shortcodes/class-wc-crowdfunding-shortcodes-progress-bar.php#L106"}, {"url": "https://wordpress.org/plugins/crowdfunding-for-woocommerce/#developers"}], "descriptions": [{"lang": "en", "value": "The Crowdfunding for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018width\u2019 parameter in all versions up to, and including, 3.1.14 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:13:16.375Z"}}}, "cveMetadata": {"cveId": "CVE-2025-5767", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:13:16.375Z", "dateReserved": "2025-06-05T22:31:37.811Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-07-18T05:23:59.515Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Crowdfunding for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018width\u2019 parameter in all versions up to, and including, 3.1.14 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}, {"lang": "es", "value": "El complemento Crowdfunding para WooCommerce de WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del par\u00e1metro \"width\" en todas las versiones hasta la 3.1.14 incluida, debido a una depuraci\u00f3n de entrada y un escape de salida insuficientes. Esto permite a atacantes autenticados, con acceso de colaborador o superior, inyectar scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n al acceder un usuario a una p\u00e1gina inyectada. "}], "id": "CVE-2025-5767", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 2.7, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-07-18T06:15:26.103", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/crowdfunding-for-woocommerce/trunk/includes/shortcodes/class-wc-crowdfunding-shortcodes-progress-bar.php#L106"}, {"source": "security@wordfence.com", "url": "https://wordpress.org/plugins/crowdfunding-for-woocommerce/#developers"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a576f39e-42de-4881-a490-000850ea1d2d?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-21T03:58:04.452603+00:00", "value": {"mitigation_remediation": ["Upgrade Crowdfunding for WooCommerce to version 3.1.15 or later to apply the vendor\u2019s input sanitization fix.", "If an upgrade is not yet feasible, remove or disable the progress bar shortcode until a patch can be applied.", "Restrict contributor-level access or revoke contributor privileges for untrusted users until the issue is resolved."], "summary": {"action": "Patch Now", "impact": "Stored Cross\u2011Site Scripting with contributor privileges"}, "threat_synthesis": {"affected_systems": "WordPress sites that use the Crowdfunding for WooCommerce plugin version 3.1.14 or earlier are vulnerable. The plugin, provided by the wpwham vendor, offers a progress bar shortcode that is enabled when contributors or higher edit or create commission listings. Any user with Contributor or higher role who can edit shortcodes can introduce the malicious payload.", "description_and_impact": "An attacker who has Contributor-level or higher access can exploit the Crowdfunding for WooCommerce plugin by inserting malicious JavaScript into the width parameter used for the progress bar shortcode. Because the plugin does not sanitize or escape this input, the script is stored in the database and appears on the page every time the shortcode is rendered, allowing the attacker to execute code in the context of any site visitor.", "risk_and_exploitability": "CVSS score 6.4 indicates medium severity, and the EPSS score of less than 1\u202f% suggests that large\u2011scale exploitation is currently uncommon. The flaw requires authenticated Contributor-level access or higher, so the attack vector is internal. Because the injected script is stored and executed for every user who views the page, a single compromised shortcode can affect all visitors. The vulnerability is not listed in the CISA KEV catalog. Despite the low EPSS, the potential for cross\u2011site scripting warrants prompt remediation."}}}}, "created": "2026-04-21T04:00:10.074409+00:00", "updated": "2026-04-21T04:00:10.074420+00:00", "vendors": []}