{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-8400", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-07-30T22:54:15.730Z", "datePublished": "2025-08-02T08:24:47.582Z", "dateUpdated": "2026-04-08T17:31:56.650Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:31:56.650Z"}, "affected": [{"vendor": "aumsrini", "product": "Image Gallery", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.0.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Image Gallery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}], "title": "Image Gallery <= 1.0.0 - Reflected Cross-Site Scripting", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ef52026b-1bfc-481c-8eb7-511d1910a35e?source=cve"}, {"url": "https://plugins.svn.wordpress.org/bee-quick-gallery/trunk/includes/bee-quick-gallery-functions.php"}, {"url": "https://wordpress.org/plugins/bee-quick-gallery/#developers"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "cweId": "CWE-79", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "baseScore": 6.1, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Muhammad Yudha - DJ"}], "timeline": [{"time": "2025-08-01T19:37:11.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-08-04T13:39:28.552662Z", "id": "CVE-2025-8400", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-04T13:39:34.651Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-8400", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-08-04T13:39:28.552662Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-04T13:39:31.842Z"}}], "cna": {"title": "Image Gallery <= 1.0.0 - Reflected Cross-Site Scripting", "credits": [{"lang": "en", "type": "finder", "value": "muhammad yudha"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}}], "affected": [{"vendor": "aumsrini", "product": "Image Gallery", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "1.0.0"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-08-01T19:37:11.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ef52026b-1bfc-481c-8eb7-511d1910a35e?source=cve"}, {"url": "https://plugins.svn.wordpress.org/bee-quick-gallery/trunk/includes/bee-quick-gallery-functions.php"}, {"url": "https://wordpress.org/plugins/bee-quick-gallery/#developers"}], "descriptions": [{"lang": "en", "value": "The Image Gallery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2025-08-02T08:24:47.582Z"}}}, "cveMetadata": {"cveId": "CVE-2025-8400", "state": "PUBLISHED", "dateUpdated": "2025-08-04T13:39:34.651Z", "dateReserved": "2025-07-30T22:54:15.730Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-08-02T08:24:47.582Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Image Gallery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}, {"lang": "es", "value": "El complemento Image Gallery para WordPress es vulnerable a Cross-Site Scripting reflejado en todas las versiones hasta la 1.0.0 incluida, debido a una depuraci\u00f3n de entrada y un escape de salida insuficientes. Esto permite a atacantes no autenticados inyectar scripts web arbitrarios en las p\u00e1ginas que se ejecutar\u00e1n al acceder un usuario a una p\u00e1gina inyectada."}], "id": "CVE-2025-8400", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-08-02T09:15:48.547", "references": [{"source": "security@wordfence.com", "url": "https://plugins.svn.wordpress.org/bee-quick-gallery/trunk/includes/bee-quick-gallery-functions.php"}, {"source": "security@wordfence.com", "url": "https://wordpress.org/plugins/bee-quick-gallery/#developers"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ef52026b-1bfc-481c-8eb7-511d1910a35e?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-20T20:02:39.056084+00:00", "value": {"mitigation_remediation": ["Check the plugin version and upgrade to the latest release that fixes the XSS flaw, if available.", "If no update exists, disable or remove the Image Gallery plugin from the site until a patch is released.", "When recreating gallery functionality, apply proper sanitization and escaping of all user\u2011supplied data following WordPress best practices."], "summary": {"action": "Update plugin", "impact": "Cross\u2011Site Scripting (CWE\u201179)"}, "threat_synthesis": {"affected_systems": "The vulnerability affects the aumsrini Image Gallery WordPress plugin for any WordPress installation that has an installed version 1.0.0 or earlier. Any host running WordPress with this plugin, regardless of site ownership or user roles, is in scope.", "description_and_impact": "The Image Gallery plugin for WordPress contains a reflected cross\u2011site scripting flaw in all releases up to and including 1.0.0 because user input is not properly sanitized and output is not escaped. An unauthenticated attacker can embed malicious JavaScript that will run in the browser of any visitor that loads a gallery page. The injected script could steal session cookies, alter page content, or redirect users to phishing sites, thereby compromising confidentiality, integrity, and user experience.", "risk_and_exploitability": "The CVSS score of 6.1 indicates moderate severity, but the EPSS score is below 1\u202f%, suggesting that exploitation attempts are currently rare. The vulnerability is not listed in the CISA KEV catalog, which reduces concern about active exploitation campaigns. Attackers can invoke the flaw through a crafted URL or form input that is reflected by the plugin, making the attack vector public and straightforward for unauthenticated users. If exploited, it can lead to user\u2011side script execution, compromising the security of visitors rather than the server itself."}}}}, "created": "2025-08-05T11:39:03.899791+00:00", "updated": "2026-04-20T20:15:06.215420+00:00", "vendors": ["aumsrini", "aumsrini$PRODUCT$image_gallery", "wordpress", "wordpress$PRODUCT$wordpress"]}