Impact
This vulnerability arises from insufficient input sanitization and output escaping of the 'id' parameter in the MediaView WordPress plugin. An unauthenticated attacker can inject arbitrary JavaScript that is reflected back to the victim when they click a specially crafted link. The injected script runs with the privileges of the victim’s browser, enabling actions such as session hijacking, message theft, or site defacement. The weakness aligns with CWE-79 and offers no requirement for authentication or elevated privileges to execute.
Affected Systems
The affected software is the MediaView WordPress plugin, produced by vendor dman25560. All releases up to and including 1.1.2 contain the flaw. WordPress sites that have this plugin installed and have exposed URLs containing the id parameter are vulnerable.
Risk and Exploitability
The CVSS score of 6.1 classifies the flaw as moderately severe, and the EPSS score of less than 1% indicates a low probability of exploitation in the wild. Because the flaw is exploitable via a public URL and does not require credentials, attackers can target any visitor to a site running the vulnerable plugin. The vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog, suggesting no known active exploitation at present. Nevertheless, the potential for arbitrary script execution merits attention, as reflected XSS can lead to significant security breaches if an attacker convinces a user to click a malicious link.
OpenCVE Enrichment
EUVD