{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-8295", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-07-28T22:40:14.288Z", "datePublished": "2025-08-05T07:24:15.940Z", "dateUpdated": "2026-04-08T16:59:19.630Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:59:19.630Z"}, "affected": [{"vendor": "emarket-design", "product": "Employee Directory \u2013 Staff & Team Directory", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "4.5.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Employee Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018noaccess_msg\u2019 parameter in all versions up to, and including, 4.5.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}], "title": "Employee Directory <= 4.5.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via noaccess_msg Parameter", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6d06d721-ab48-43ae-81d6-bd0b3177a7bf?source=cve"}, {"url": "https://wordpress.org/plugins/employee-directory/#developers"}, {"url": "https://plugins.trac.wordpress.org/browser/employee-directory/tags/4.5.1/includes/emd-form-builder-lite/emd-form-frontend.php"}, {"url": "https://plugins.trac.wordpress.org/changeset/3336753/"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "cweId": "CWE-79", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "baseScore": 6.4, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Muhammad Yudha - DJ"}], "timeline": [{"time": "2025-07-30T08:23:06.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2025-08-04T18:45:25.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-08-05T14:52:13.808291Z", "id": "CVE-2025-8295", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-05T14:52:30.979Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-8295", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-08-05T14:52:13.808291Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-05T14:52:23.160Z"}}], "cna": {"title": "Employee Directory <= 4.5.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via noaccess_msg Parameter", "credits": [{"lang": "en", "type": "finder", "value": "Muhammad Yudha - DJ"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N"}}], "affected": [{"vendor": "emarket-design", "product": "Employee Directory \u2013 Staff & Team Directory", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "4.5.1"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-07-30T08:23:06.000Z", "value": "Vendor Notified"}, {"lang": "en", "time": "2025-08-04T18:45:25.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6d06d721-ab48-43ae-81d6-bd0b3177a7bf?source=cve"}, {"url": "https://wordpress.org/plugins/employee-directory/#developers"}, {"url": "https://plugins.trac.wordpress.org/browser/employee-directory/tags/4.5.1/includes/emd-form-builder-lite/emd-form-frontend.php"}, {"url": "https://plugins.trac.wordpress.org/changeset/3336753/"}], "descriptions": [{"lang": "en", "value": "The Employee Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018noaccess_msg\u2019 parameter in all versions up to, and including, 4.5.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:59:19.630Z"}}}, "cveMetadata": {"cveId": "CVE-2025-8295", "state": "PUBLISHED", "dateUpdated": "2026-04-08T16:59:19.630Z", "dateReserved": "2025-07-28T22:40:14.288Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-08-05T07:24:15.940Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Employee Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018noaccess_msg\u2019 parameter in all versions up to, and including, 4.5.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}, {"lang": "es", "value": "El complemento Employee Directory para WordPress es vulnerable a Cross-Site Scripting almacenado a trav\u00e9s del par\u00e1metro \u00abnoaccess_msg\u00bb en todas las versiones hasta la 4.5.1 incluida, debido a una depuraci\u00f3n de entrada y un escape de salida insuficientes. Esto permite a atacantes autenticados, con acceso de colaborador o superior, inyectar scripts web arbitrarios en las p\u00e1ginas que se ejecutar\u00e1n al acceder un usuario a una p\u00e1gina inyectada."}], "id": "CVE-2025-8295", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 2.7, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-08-05T08:15:27.150", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/employee-directory/tags/4.5.1/includes/emd-form-builder-lite/emd-form-frontend.php"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset/3336753/"}, {"source": "security@wordfence.com", "url": "https://wordpress.org/plugins/employee-directory/#developers"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6d06d721-ab48-43ae-81d6-bd0b3177a7bf?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-21T03:41:17.838604+00:00", "value": {"mitigation_remediation": ["Update the Employee Directory plugin to the latest version (4.5.2 or newer) to remove the unsanitized input handling", "If an update is not immediately possible, trim or escape all content of the \u2018noaccess_msg\u2019 field before storing or rendering it", "Reduce the scope of Contributor permissions by restricting the role\u2019s access to the plugin\u2019s configuration pages", "Disable or remove the plugin entirely if it is not required for business operations"], "summary": {"action": "Apply Patch", "impact": "Stored XSS that allows authenticated users to inject scripts executed on page view"}, "threat_synthesis": {"affected_systems": "The vulnerability affects the Employee Directory \u2013 Staff & Team Directory plugin from emarket\u2011design, in all releases up to and including version\u202f4.5.1. No precise sub\u2011version patch level is specified; upgrading beyond 4.5.1 is required to eliminate the issue.", "description_and_impact": "The Employee Directory plugin for WordPress is vulnerable to stored cross\u2011site scripting through an insufficiently sanitized and escaped \u2018noaccess_msg\u2019 parameter. This flaw permits authenticated users with Contributor level or higher to inject arbitrary JavaScript that will run whenever a page containing the injected message is accessed, potentially compromising the confidentiality, integrity, or availability of user sessions and information. The weakness is classified as CWE\u201179.", "risk_and_exploitability": "With a CVSS score of 6.4 and an EPSS score of less than 1\u202f%, the risk of exploitation is moderate to low, and the vulnerability is not currently listed in the CISA KEV catalog. Because the flaw requires authenticated access, an attacker would need to obtain or abuse Contributor\u2011level credentials to inject malicious code. Once injected, the script runs on any user who views the affected page, thereby providing an authenticated XSS vector that can be leveraged for session hijacking, credential theft, or defacement."}}}}, "created": "2025-08-05T21:23:04.041375+00:00", "updated": "2026-04-21T03:45:27.381951+00:00", "vendors": ["emarketdesign", "emarketdesign$PRODUCT$employee_directory", "wordpress", "wordpress$PRODUCT$wordpress"]}