Urgent Security Alert: SortTable Post Plugin Vulnerable to XSS (CVE-2025-12649)

Overview

A Stored Cross-Site Scripting (XSS) vulnerability has been identified in the SortTable Post plugin for WordPress, tracked as CVE-2025-12649. This vulnerability affects all versions of the plugin up to and including 4.2. Exploitation of this flaw allows authenticated attackers with Contributor-level access or higher to inject malicious JavaScript code into WordPress pages. This code executes in a user’s browser upon interaction with the injected page.

Technical Details

The vulnerability stems from insufficient input sanitization and output escaping of the id parameter within the sorttablepost shortcode. Specifically, the plugin fails to properly sanitize the ‘id’ attribute provided by users when using the [sorttablepost id="..."] shortcode. This allows an attacker to inject arbitrary HTML and JavaScript code. The vulnerable code can be found in the sorttablepost.php file, specifically around line 100 as highlighted in the reference.

Example Payload:

[sorttablepost id="<img src=x onerror=alert('XSS')>"]

CVSS Analysis

This vulnerability has been assigned a CVSS v3 score of 6.4 (Medium). The CVSS vector is likely: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N. This score reflects the need for authentication (low privilege) and user interaction to trigger the exploit.

Possible Impact

Successful exploitation of this XSS vulnerability can have significant consequences, including:

  • Account Compromise: An attacker can potentially steal user cookies and session tokens, leading to account takeover.
  • Malware Distribution: The injected script can redirect users to malicious websites or trigger the download of malware.
  • Website Defacement: The attacker can modify the content of the affected pages, leading to website defacement.
  • Phishing: Injection of phishing forms to steal credentials or sensitive information.

Mitigation and Patch Steps

The most effective mitigation is to immediately update the SortTable Post plugin to the latest version, if a version higher than 4.2 is available. If an update is not yet available, consider the following:

  • Disable the Plugin: As a temporary measure, disable the SortTable Post plugin entirely until a patched version is released.
  • Web Application Firewall (WAF): Implement a WAF with rules to block potential XSS payloads targeting the sorttablepost shortcode.
  • Input Sanitization Review: If you have access to the plugin’s code and are familiar with WordPress development, manually review and sanitize the input for the id parameter within the sorttablepost shortcode. Ensure proper escaping is applied during output.
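The following is an added illustrative example, not code from the SortTable Post plugin or its author, of the "sanitize on input, escape on output" fix described in the Technical Details and Input Sanitization Review items above. It assumes a hypothetical handler named sorttablepost_shortcode_fixed and that the id attribute is meant to be a numeric post ID; the real handler in sorttablepost.php may be structured differently and should be reviewed on its own terms.

```php
<?php
// Added example, not the plugin's own code. Assumes the shortcode's id is a
// numeric post ID (an assumption; verify against the real handler).

// Weak pattern (illustrative): the attribute is concatenated into markup
// unchanged, so a Contributor-supplied id containing HTML becomes live markup
// in every visitor's browser. This is the class of defect the advisory describes.
function sorttablepost_shortcode_weak( $atts ) {
    $atts = shortcode_atts( array( 'id' => '' ), $atts, 'sorttablepost' );
    return '<table id="' . $atts['id'] . '" class="sorttablepost"></table>';
}

// Hardened pattern: validate the value on the way in, escape it on the way out.
function sorttablepost_shortcode_fixed( $atts ) {
    $atts = shortcode_atts( array( 'id' => '' ), $atts, 'sorttablepost' );

    // Input sanitization: absint() (WordPress core) coerces the value to a
    // non-negative integer, so any tag or attribute text collapses to 0.
    $post_id = absint( $atts['id'] );
    if ( 0 === $post_id || null === get_post( $post_id ) ) {
        // Malformed or unknown id: render nothing rather than the raw input.
        return '';
    }

    // Output escaping: even a validated integer is escaped for the attribute
    // and text contexts (esc_attr / esc_html) so a later change to the
    // validation step cannot silently reintroduce the injection.
    $output  = '<table id="sorttablepost-' . esc_attr( $post_id ) . '" class="sorttablepost">';
    $output .= '<caption>' . esc_html( get_the_title( $post_id ) ) . '</caption>';
    $output .= '</table>';
    return $output;
}

add_shortcode( 'sorttablepost', 'sorttablepost_shortcode_fixed' );
```

With the hardened handler, the advisory's example payload yields an id of 0 and an empty string is returned, which is also a useful check when verifying that an installed update actually closes the flaw.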

Cybersecurity specialist and founder of Gowri Shankar Infosec - a professional blog dedicated to sharing actionable insights on cybersecurity, data protection, server administration, and compliance frameworks including SOC 2, PCI DSS, and GDPR.