Platform: wordpress
Component: wp-hallo-welt
Fixed in: 1.4.1
CVE-2025-13365 describes a Cross-Site Scripting (XSS) vulnerability discovered in the WP Hallo Welt plugin for WordPress. This vulnerability allows unauthenticated attackers to inject malicious web scripts via Cross-Site Request Forgery (CSRF) attacks, potentially compromising site administrator accounts. The vulnerability affects versions 0.0.0 through 1.4 and requires an administrator to be tricked into performing an action. A fix is expected in a future plugin release.
The primary impact of CVE-2025-13365 is the potential for attackers to inject malicious JavaScript code into WordPress websites using the WP Hallo Welt plugin. Successful exploitation could lead to session hijacking, defacement of the website, redirection to malicious sites, or the theft of sensitive user data. Because the vulnerability leverages CSRF, an attacker doesn't need to authenticate but can trick an administrator into executing a forged request. The stored nature of the XSS means the injected script persists on the server and can affect multiple visitors. This is particularly concerning for sites with high traffic or sensitive data.
CVE-2025-13365 was publicly disclosed on 2025-12-20. While no public proof-of-concept (PoC) code has been released at the time of writing, the vulnerability's nature and the ease of CSRF exploitation suggest a moderate risk of exploitation. It is not currently listed on the CISA KEV catalog. The vulnerability's reliance on CSRF makes it less likely to be exploited in automated campaigns but increases the risk of targeted attacks against specific WordPress installations.
Websites using the WP Hallo Welt plugin, particularly those with administrator accounts that are frequently targeted by phishing or social engineering attacks, are at risk. Shared hosting environments where multiple websites share the same server resources are also at increased risk, as a compromise of one site could potentially lead to the compromise of others.
• wordpress / plugin: Use wp-cli to check the installed plugin version:
  wp plugin list | grep hallo-welt
• wordpress / plugin: Search plugin files for the halloweltseite function and look for missing or incorrect nonce validation.
• generic web: Monitor WordPress error logs for suspicious JavaScript code being injected into plugin settings.
• generic web: Check WordPress admin user activity logs for unusual or unauthorized changes to plugin settings.
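The CSRF-to-stored-XSS chain described above rests on a settings handler that accepts a POST without a nonce and later echoes the stored value unescaped. The following is an added example, not code from the WP Hallo Welt plugin and not its halloweltseite function: a hypothetical handler named hallowelt_save_settings() with a hypothetical option hallowelt_message, shown first in the vulnerable shape and then hardened with the WordPress nonce, capability, sanitization and escaping APIs. All function and option names prefixed hallowelt_ are assumptions.

```php
<?php
// Added example (not the WP Hallo Welt plugin's own code). The names
// hallowelt_save_settings, hallowelt_message and hallowelt_nonce are
// hypothetical; only the WordPress API calls are real.

// VULNERABLE PATTERN (illustration of the advisory's bug class):
// no nonce, no capability check, raw input stored, value echoed unescaped.
// A forged cross-site POST from a logged-in administrator's browser is
// accepted, and whatever it stored is rendered to every later visitor.
function hallowelt_save_settings_vulnerable() {
    if ( isset( $_POST['hallowelt_message'] ) ) {
        update_option( 'hallowelt_message', $_POST['hallowelt_message'] );
    }
}
function hallowelt_render_message_vulnerable() {
    echo '<p>' . get_option( 'hallowelt_message', '' ) . '</p>';
}

// HARDENED VERSION
function hallowelt_save_settings() {
    if ( ! isset( $_POST['hallowelt_message'] ) ) {
        return;
    }
    // 1. Only users allowed to manage options may change the setting.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions', 403 );
    }
    // 2. The request must carry a nonce bound to this action and this user.
    //    A cross-site forged request cannot obtain it, so CSRF fails here.
    //    check_admin_referer() dies with a 403 on a missing or invalid nonce.
    check_admin_referer( 'hallowelt_save_settings', 'hallowelt_nonce' );

    // 3. Sanitize before storing: strips tags and normalises whitespace.
    $message = sanitize_text_field( wp_unslash( $_POST['hallowelt_message'] ) );
    update_option( 'hallowelt_message', $message );
}

function hallowelt_render_form() {
    ?>
    <form method="post">
        <?php wp_nonce_field( 'hallowelt_save_settings', 'hallowelt_nonce' ); ?>
        <input type="text" name="hallowelt_message"
               value="<?php echo esc_attr( get_option( 'hallowelt_message', '' ) ); ?>">
        <?php submit_button(); ?>
    </form>
    <?php
}

function hallowelt_render_message() {
    // 4. Escape on output as well: defence in depth in case the option was
    //    ever written by another code path that skipped sanitization.
    echo '<p>' . esc_html( get_option( 'hallowelt_message', '' ) ) . '</p>';
}

add_action( 'admin_init', 'hallowelt_save_settings' );
```

When reviewing the real plugin for the missing-nonce condition the detection list points at, the three things to look for in the save path are exactly the three the hardened version adds: a capability check, a check_admin_referer() or wp_verify_nonce() call matched to a wp_nonce_field() in the form, and sanitization on input with esc_html()/esc_attr() on output.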
disclosure
Exploit status
EPSS: 0.02% (5th percentile)
CISA SSVC
CVSS vector
The immediate mitigation for CVE-2025-13365 is to upgrade to a patched version of the WP Hallo Welt plugin as soon as it becomes available. Until a patch is released, administrators should exercise extreme caution when clicking links or performing actions within the WordPress dashboard, especially if they suspect malicious activity. Implementing a Web Application Firewall (WAF) with CSRF protection rules can also help block malicious requests. Regularly review plugin settings for any unauthorized changes and consider limiting administrator privileges to reduce the potential impact of a successful attack.
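To make the version check and the "review plugin settings for unauthorized changes" step repeatable, here is an added example script (not part of the advisory and not the plugin's code) intended to run inside WordPress via `wp eval-file`. It compares the installed wp-hallo-welt version against the fixed version 1.4.1 stated above and scans plugin-owned options for markup that should never appear in a settings value. The option-name prefix hallowelt is an assumption; adjust it to the option names the plugin actually registers.

```php
<?php
// Added example (not the advisory's or the plugin's code).
// Run on the site:  wp eval-file hallowelt-check.php
// Assumptions: the plugin directory slug is wp-hallo-welt (from the
// advisory) and its options start with the prefix "hallowelt" (assumed).

if ( ! function_exists( 'get_plugins' ) ) {
    require_once ABSPATH . 'wp-admin/includes/plugin.php';
}

// 1. Version check against the fixed version named in the advisory.
$fixed_version = '1.4.1';
$found         = false;
foreach ( get_plugins() as $file => $data ) {
    if ( strpos( $file, 'wp-hallo-welt/' ) !== 0 ) {
        continue;
    }
    $found = true;
    $state = version_compare( $data['Version'], $fixed_version, '<' ) ? 'AFFECTED' : 'patched';
    WP_CLI::log( sprintf( '%s %s (%s)', $data['Name'], $data['Version'], $state ) );
}
if ( ! $found ) {
    WP_CLI::log( 'wp-hallo-welt is not installed' );
}

// 2. Look for stored-XSS indicators in plugin options: a script tag,
//    an inline event-handler attribute, or a javascript: URL. None of these
//    belong in a legitimate settings value, so any hit warrants a look.
$pattern = '/<script|\bon\w+\s*=|javascript:/i';
global $wpdb;
$rows = $wpdb->get_results(
    $wpdb->prepare(
        "SELECT option_name, option_value FROM {$wpdb->options} WHERE option_name LIKE %s",
        $wpdb->esc_like( 'hallowelt' ) . '%'
    )
);
$hits = 0;
foreach ( $rows as $row ) {
    // Options may be serialized arrays; flatten so nested values are scanned too.
    $value = maybe_unserialize( $row->option_value );
    $flat  = is_scalar( $value ) ? (string) $value : wp_json_encode( $value );
    if ( preg_match( $pattern, $flat ) ) {
        $hits++;
        WP_CLI::warning( "suspicious markup in option {$row->option_name}" );
    }
}
WP_CLI::log( sprintf( '%d option(s) scanned, %d flagged', count( $rows ), $hits ) );
```

A flagged option is a signal to inspect, not proof of compromise: compare the value with what an administrator actually configured, and pair the finding with the admin activity log review listed under detection to establish when and by whom it was written.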
No known patch available. Please review the vulnerability details carefully and implement protective measures based on your organisation's risk appetite. It may be best to uninstall the affected software and find an alternative.
CVE-2025-13365 is a Cross-Site Scripting (XSS) vulnerability in the WP Hallo Welt WordPress plugin, allowing attackers to inject malicious scripts via forged requests.
You are affected if you are using WP Hallo Welt versions 0.0.0 through 1.4 and have not yet upgraded to a patched version.
Upgrade to a patched version of the WP Hallo Welt plugin as soon as it becomes available. Until then, exercise caution and consider WAF rules.
While no active exploitation has been confirmed, the vulnerability's nature suggests a moderate risk of exploitation, especially through targeted attacks.
Refer to the WP Hallo Welt plugin's official website or WordPress plugin repository for updates and security advisories related to CVE-2025-13365.