{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-6716", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-06-26T13:33:33.725Z", "datePublished": "2025-07-11T06:43:33.398Z", "dateUpdated": "2026-04-08T17:29:49.175Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:29:49.175Z"}, "affected": [{"vendor": "contest-gallery", "product": "Contest Gallery \u2013 Upload & Vote Photos, Media, Sell with PayPal & Stripe", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "26.0.8", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery \u2013 Upload, Vote, Sell via PayPal or Stripe, Social Share Buttons, OpenAI plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'upload[1][title]' parameter in all versions up to, and including, 26.0.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}], "title": "Contest Gallery <= 26.0.8 - Authenticated (Author+) Stored Cross-Site Scripting", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e54caaf5-f37b-4842-ab3d-8e37cbed58da?source=cve"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3321912%40contest-gallery&new=3321912%40contest-gallery&sfp_email=&sfph_mail="}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "cweId": "CWE-79", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "baseScore": 6.4, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Aur\u00e9lien BOURDOIS"}], "timeline": [{"time": "2025-07-10T18:41:31.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-07-11T15:45:59.026864Z", "id": "CVE-2025-6716", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-11T16:07:16.357Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-6716", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-07-11T15:45:59.026864Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-11T16:07:11.721Z"}}], "cna": {"title": "Contest Gallery <= 26.0.8 - Authenticated (Author+) Stored Cross-Site Scripting", "credits": [{"lang": "en", "type": "finder", "value": "Aur\u00e9lien BOURDOIS"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N"}}], "affected": [{"vendor": "contest-gallery", "product": "Contest Gallery \u2013 Upload & Vote Photos, Media, Sell with PayPal & Stripe", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "26.0.8"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-07-10T18:41:31.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e54caaf5-f37b-4842-ab3d-8e37cbed58da?source=cve"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3321912%40contest-gallery&new=3321912%40contest-gallery&sfp_email=&sfph_mail="}], "descriptions": [{"lang": "en", "value": "The Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery \u2013 Upload, Vote, Sell via PayPal or Stripe, Social Share Buttons, OpenAI plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'upload[1][title]' parameter in all versions up to, and including, 26.0.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:29:49.175Z"}}}, "cveMetadata": {"cveId": "CVE-2025-6716", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:29:49.175Z", "dateReserved": "2025-06-26T13:33:33.725Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-07-11T06:43:33.398Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery \u2013 Upload, Vote, Sell via PayPal or Stripe, Social Share Buttons, OpenAI plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'upload[1][title]' parameter in all versions up to, and including, 26.0.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}, {"lang": "es", "value": "El complemento Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery \u2013 Upload, Vote, Sell via PayPal or Stripe, Social Share Buttons, OpenAI para WordPress es vulnerable a cross-site scripting almacenado a trav\u00e9s del par\u00e1metro 'upload[1][title]' en todas las versiones hasta la 26.0.8 incluida, debido a una depuraci\u00f3n de entrada y un escape de salida insuficientes. Esto permite a atacantes autenticados, con acceso de autor o superior, inyectar scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n al acceder un usuario a una p\u00e1gina inyectada."}], "id": "CVE-2025-6716", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 2.7, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-07-11T07:15:25.360", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3321912%40contest-gallery&new=3321912%40contest-gallery&sfp_email=&sfph_mail="}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e54caaf5-f37b-4842-ab3d-8e37cbed58da?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-20T20:20:17.035645+00:00", "value": {"mitigation_remediation": ["Update the Contest Gallery WordPress plugin to version 26.0.9 or later to eliminate the unsanitized input handling.", "If an immediate update is not possible, restrict or disable the upload functionality for user roles below Administrator until the plugin is patched.", "Review and, if necessary, revoke Author or higher privileges for users who do not require upload capabilities, thereby limiting the exposure of the vulnerable input field."], "summary": {"action": "Apply Patch", "impact": "Stored Cross\u2011Site Scripting"}, "threat_synthesis": {"affected_systems": "All versions of the Contest Gallery WordPress plugin up to and including 26.0.8 are affected. The vendor product is the Contest Gallery \u2013 Upload & Vote Photos, Media, Sell with PayPal & Stripe plugin distributed through WordPress.", "description_and_impact": "The Contest Gallery \u2013 Upload & Vote Photos, Media, Sell with PayPal & Stripe WordPress plugin allows authenticated users with Author-level access or higher to store arbitrary web scripts through the unsanitized 'upload[1][title]' field, resulting in stored cross\u2011site scripting. Attackers can inject malicious JavaScript that will execute whenever any user loads the affected page, potentially defacing content, stealing session cookies, or performing unauthorized actions on behalf of the victim. The weakness is a classic input validation failure (CWE\u201179).", "risk_and_exploitability": "The CVSS score of 6.4 indicates a medium severity flaw, while the EPSS score of <\u202f1\u202f% reflects a low probability of exploitation. The vulnerability is not listed in the CISA KEV catalog, suggesting no known or publicly disclosed exploits at the time of assessment. Exploitation requires authenticated access at Author level or higher, and the injected scripts execute in the context of any user who opens the affected page, creating a broad impact on confidentiality and integrity for all site visitors."}}}}, "created": "2025-07-13T22:31:21.940791+00:00", "updated": "2026-04-20T20:30:16.068500+00:00", "vendors": ["contest_gallery", "contest_gallery$PRODUCT$contest_gallery", "wordpress", "wordpress$PRODUCT$wordpress"]}