{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-6719", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-06-26T13:45:12.565Z", "datePublished": "2025-07-18T05:23:59.057Z", "dateUpdated": "2026-04-08T17:12:39.916Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:12:39.916Z"}, "affected": [{"vendor": "vladimirs", "product": "Terms descriptions", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.4.8", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Terms descriptions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.4.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled."}], "title": "Terms descriptions <= 3.4.8 - Authenticated (Admin+) Stored Cross-Site Scripting", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a27b8d53-7229-4c88-9bda-5db31b0f8d92?source=cve"}, {"url": "https://wordpress.org/plugins/terms-descriptions/"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "cweId": "CWE-79", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N", "baseScore": 4.4, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Aur\u00e9lien BOURDOIS"}], "timeline": [{"time": "2025-07-20T17:21:37.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2025-07-17T16:23:32.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-07-18T15:06:48.448983Z", "id": "CVE-2025-6719", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-18T15:09:26.064Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-6719", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-07-18T15:06:48.448983Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-18T15:09:19.582Z"}}], "cna": {"title": "Terms descriptions <= 3.4.8 - Authenticated (Admin+) Stored Cross-Site Scripting", "credits": [{"lang": "en", "type": "finder", "value": "Aur\u00e9lien BOURDOIS"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N"}}], "affected": [{"vendor": "vladimirs", "product": "Terms descriptions", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "3.4.8"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-07-20T17:21:37.000Z", "value": "Vendor Notified"}, {"lang": "en", "time": "2025-07-17T16:23:32.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a27b8d53-7229-4c88-9bda-5db31b0f8d92?source=cve"}, {"url": "https://wordpress.org/plugins/terms-descriptions/"}], "descriptions": [{"lang": "en", "value": "The Terms descriptions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.4.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:12:39.916Z"}}}, "cveMetadata": {"cveId": "CVE-2025-6719", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:12:39.916Z", "dateReserved": "2025-06-26T13:45:12.565Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-07-18T05:23:59.057Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Terms descriptions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.4.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled."}, {"lang": "es", "value": "El complemento Terms descriptions para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s de la configuraci\u00f3n de administrador en todas las versiones hasta la 3.4.8 incluida, debido a una depuraci\u00f3n de entrada y un escape de salida insuficientes. Esto permite a atacantes autenticados, con permisos de administrador o superiores, inyectar scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n al acceder un usuario a una p\u00e1gina inyectada. Esto solo afecta a instalaciones multisitio y a instalaciones donde se ha deshabilitado unfiltered_html."}], "id": "CVE-2025-6719", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.3, "impactScore": 2.7, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-07-18T06:15:27.660", "references": [{"source": "security@wordfence.com", "url": "https://wordpress.org/plugins/terms-descriptions/"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a27b8d53-7229-4c88-9bda-5db31b0f8d92?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-20T22:13:46.028001+00:00", "value": {"mitigation_remediation": ["Upgrade the Terms Descriptions plugin to version 3.4.9 or later, which includes proper input sanitization and output escaping.", "If an upgrade is not yet available, disable the Terms Descriptions plugin or restrict access to its settings to users other than administrators.", "Deploy a Content Security Policy that disallows inline scripts and rejects unsafe\u2011eval, providing a defense\u2011in\u2011depth measure against the stored XSS."], "summary": {"action": "Patch", "impact": "Arbitrary script execution by privileged administrators via stored cross\u2011site scripting"}, "threat_synthesis": {"affected_systems": "Any WordPress installation that has the Terms Descriptions plugin with version 3.4.8 or earlier, running a multi\u2011site network or having the unfiltered_html capability disabled. Single\u2011site installations with unfiltered_html enabled are not affected.", "description_and_impact": "The Terms Descriptions plugin for WordPress contains a stored cross\u2011site scripting flaw that allows an administrator to inject arbitrary scripts through the plugin\u2019s admin settings. These scripts are stored in the plugin\u2019s data and executed whenever an affected page is viewed by a user. While the CVE description does not explicitly state the exact downstream effects, it is inferred that an attacker could use the injected scripts to perform actions such as credential theft or defacement, but this is not confirmed by the official statement.", "risk_and_exploitability": "The CVSS score of 4.4 indicates moderate severity; the EPSS score of less than 1\u202f% suggests a low likelihood of exploitation. The vulnerability is not listed in the CISA KEV catalogue. Exploitation requires administrator privileges and is limited to sites meeting the aforementioned conditions, making the risk relatively constrained but not negligible."}}}}, "created": "2025-07-21T15:17:10.412023+00:00", "updated": "2026-04-20T22:15:06.200167+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress"]}