Description
The LiteSpeed Cache plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URLs in all versions up to, and including, 7.5.0.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Published: 2025-10-29
Score: 6.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Reflected Cross‑Site Scripting (unrestricted script injection)
Action: Apply Patch
AI Analysis

Impact

The LiteSpeed Cache plugin for WordPress contains a reflected cross‑site scripting flaw caused by inadequate sanitization of user input and missing output escaping. The vulnerability allows an attacker to embed arbitrary JavaScript into a page that executes when a victim follows a crafted link. Because the flaw is triggered solely by the incoming URL, no authentication is required, and any user of a vulnerable WordPress site can be targeted.

Affected Systems

All WordPress sites running LiteSpeed Cache version 7.5.0.1 or older are affected. The issue lies within the LiteSpeed Cache plugin distributed by LiteSpeed Technologies and can affect any WordPress installation that has not upgraded past that version.

Risk and Exploitability

The CVSS score of 6.1 reflects moderate exploitability and potential impact. EPSS indicates a very low probability of exploitation (<1%), and the vulnerability is not listed in the CISA KEV catalog, suggesting it was not known to be actively exploited in the wild as of the last update. The attack vector is a user clicking a maliciously crafted URL, after which the victim's browser executes the injected script. No additional privileges or system access are required.

Generated by OpenCVE AI on April 22, 2026 at 00:41 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade LiteSpeed Cache to version 7.5.0.2 or later; that release contains the fix that removes the unfiltered query variables.
  • If an upgrade cannot be performed immediately, disable the LiteSpeed Cache plugin or remove the affected shortcode handling, preventing the vulnerable code path from executing.
  • Apply a web‑application firewall rule or enforce a strict content‑security‑policy that blocks inline scripts and restricts script sources, mitigating the risk of any residual injection.
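The defect class the advisory describes (a query variable reflected by shortcode output without sanitization or escaping) and its fix, as an added illustration that is not LiteSpeed Cache code; the shortcode name, query variable and function names are hypothetical, and the CSP values are a starting point that a real site must tune with nonces or hashes for its own inline scripts.

```php
<?php
// Added illustration (not LiteSpeed Cache code). The shortcode name
// "example_label", the query variable "label" and all function names are
// placeholders chosen for this example.

// UNSAFE: the query variable is reflected without input sanitization or
// output escaping. This is the shape of defect (CWE-79) the advisory
// describes; it is kept here only to contrast with the hardened version.
function example_unsafe_shortcode( $atts ) {
    $label = isset( $_GET['label'] ) ? $_GET['label'] : '';
    return '<span class="example-label">' . $label . '</span>';
}

// HARDENED: sanitize on input, escape on output for the HTML context used.
function example_safe_shortcode( $atts ) {
    // Normalise attributes so the value always has a known default.
    $atts  = shortcode_atts( array( 'label' => '' ), $atts, 'example_label' );
    $label = $atts['label'];

    if ( isset( $_GET['label'] ) ) {
        // wp_unslash() removes WordPress' added slashes; sanitize_text_field()
        // strips tags, octets and control characters from the raw input.
        $label = sanitize_text_field( wp_unslash( $_GET['label'] ) );
    }

    // esc_html() escapes for an HTML text node. Inside an attribute use
    // esc_attr(); for href/src values use esc_url().
    return '<span class="example-label">' . esc_html( $label ) . '</span>';
}

add_shortcode( 'example_label', 'example_safe_shortcode' );

// Defence in depth: a Content-Security-Policy without 'unsafe-inline'
// prevents a residual reflected injection from running inline script.
// Sites that ship inline scripts need a nonce or hash allowlist here.
function example_send_csp() {
    header( "Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'self'" );
}
add_action( 'send_headers', 'example_send_csp' );
```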


Advisories

No advisories yet.

History

Thu, 30 Oct 2025 14:45:00 +0000

Type: First Time appeared
Values Added: Litespeedtech; Litespeedtech litespeed Cache; Wordpress; Wordpress wordpress

Type: Vendors & Products
Values Added: Litespeedtech; Litespeedtech litespeed Cache; Wordpress; Wordpress wordpress

Wed, 29 Oct 2025 14:15:00 +0000

Type: Metrics ssvc
Values Added:
{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 29 Oct 2025 09:45:00 +0000

Type: Description
Values Added: The LiteSpeed Cache plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URLs in all versions up to, and including, 7.5.0.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

Type: Title
Values Added: LiteSpeed Cache <= 7.5.0.1 - Reflected Cross-Site Scripting

Type: Weaknesses
Values Added: CWE-79

Type: References
Values Added:

Type: Metrics cvssV3_1
Values Added:
{'score': 6.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N'}


Subscriptions

Litespeedtech Litespeed Cache
Wordpress Wordpress
MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-04-08T17:10:46.784Z

Reserved: 2025-10-28T20:45:41.236Z

Link: CVE-2025-12450

Vulnrichment

Updated: 2025-10-29T13:59:28.388Z

NVD

Status: Deferred

Published: 2025-10-29T10:15:36.903

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-12450

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-22T00:45:04Z

Weaknesses