Description
The Advanced Search by My Solr Server plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.5. This is due to missing or incorrect nonce validation on the 'MySolrServerSettings' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Published: 2025-04-02
Score: 6.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Cross-Site Request Forgery enabling stored XSS
Action: Patch Immediately
AI Analysis

Impact

The Advanced Search by My Solr Server plugin for WordPress suffers from a missing or incorrectly validated nonce on its settings page, allowing a forged request to update plugin settings. An attacker who can trick an administrator into clicking a malicious link can inject arbitrary scripts that the plugin then stores and serves to every visitor. The underlying weakness is Cross-Site Request Forgery (CWE-352); stored XSS is its consequence. The compromise allows an attacker to alter site behavior, steal user credentials, or deliver further malware to site visitors.

Affected Systems

All WordPress installations that use the Advanced Search by My Solr Server plugin at versions up to and including 2.0.5 are affected. The plugin is maintained by dbejean; any site running one of those versions is vulnerable.

Risk and Exploitability

The CVSS score of 6.1 indicates moderate severity. The EPSS score of less than 1% suggests a low probability of exploitation in the wild, and the vulnerability is not listed in CISA's KEV catalog. Attackers must first coerce a site administrator into executing a forged request, so successful exploitation requires user interaction. Because the vulnerability hinges on administrator action, the overall risk to the broader public is limited, but sites whose admin interfaces are exposed face a tangible threat.

Generated by OpenCVE AI on April 22, 2026 at 17:39 UTC.

Remediation

No vendor fix or workaround is currently provided.

OpenCVE Recommended Actions

  • Upgrade the Advanced Search by My Solr Server plugin to the latest available version or remove it if an update is not available.
  • Ensure that nonce verification is enforced on all settings forms in the plugin to block forged requests.
  • Apply a web application firewall or security plugin that blocks suspicious CSRF patterns and scans for XSS payloads, and restrict direct admin access to trusted networks.
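The nonce-verification point in the recommended actions, shown as an added example rather than the plugin's own code: a minimal WordPress settings handler in the weak form (no nonce, no capability check, unsanitized storage) beside a hardened form using the core WordPress nonce API. The option name, form field names and menu slug (asbmss_*) are hypothetical.

```php
<?php
// Added example (not the plugin's code): a settings page hardened against the
// CSRF-to-stored-XSS pattern. Option/field names and slug (asbmss_*) are hypothetical.

// --- Weak pattern (what a CSRF-to-stored-XSS bug looks like) ---
function asbmss_save_settings_weak() {
    // No nonce and no capability check: any POST the admin's browser is tricked
    // into sending is accepted, and the value is stored without sanitization.
    if ( isset( $_POST['asbmss_solr_url'] ) ) {
        update_option( 'asbmss_solr_url', $_POST['asbmss_solr_url'] );
    }
}

// --- Hardened pattern ---
function asbmss_save_settings() {
    if ( ! isset( $_POST['asbmss_save'] ) ) {
        return;
    }
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.' );
    }
    // Rejects requests not initiated from our own form: check_admin_referer()
    // stops with a 403 page when the nonce is missing, stale or invalid.
    check_admin_referer( 'asbmss_save_settings', 'asbmss_nonce' );

    $url = isset( $_POST['asbmss_solr_url'] ) ? wp_unslash( $_POST['asbmss_solr_url'] ) : '';
    // Sanitize on input so a stored value can never carry a script.
    update_option( 'asbmss_solr_url', esc_url_raw( $url ) );
}

function asbmss_render_settings_page() {
    asbmss_save_settings();
    $url = get_option( 'asbmss_solr_url', '' );
    ?>
    <form method="post">
        <?php wp_nonce_field( 'asbmss_save_settings', 'asbmss_nonce' ); ?>
        <label>Solr URL
            <!-- esc_attr() escapes on output, the second half of the defence -->
            <input type="text" name="asbmss_solr_url" value="<?php echo esc_attr( $url ); ?>">
        </label>
        <input type="submit" name="asbmss_save" class="button button-primary" value="Save">
    </form>
    <?php
}

add_action( 'admin_menu', function () {
    add_options_page( 'Solr Settings', 'Solr Settings', 'manage_options',
        'asbmss-settings', 'asbmss_render_settings_page' );
} );
```

A quick check for the weak pattern in any plugin is to grep its admin code for `update_option(` calls and confirm each is preceded by `check_admin_referer()` or `wp_verify_nonce()` and a `current_user_can()` test.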


Advisories
Source: EUVD
ID: EUVD-2025-9548
Title: The Advanced Search by My Solr Server plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.5. This is due to missing or incorrect nonce validation on the 'MySolrServerSettings' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
History

Wed, 02 Apr 2025 15:15:00 +0000

Type: Metrics (ssvc)
Values Removed: (empty)
Values Added: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 02 Apr 2025 09:45:00 +0000

Type: Description
Values Removed: (empty)
Values Added: The Advanced Search by My Solr Server plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.5. This is due to missing or incorrect nonce validation on the 'MySolrServerSettings' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

Type: Title
Values Removed: (empty)
Values Added: Advanced Search by My Solr Server <= 2.0.5 - Cross-Site Request Forgery to Stored Cross-Site Scripting

Type: Weaknesses
Values Removed: (empty)
Values Added: CWE-352

Type: References
Values Removed: (empty)
Values Added: (empty)

Type: Metrics (cvssV3_1)
Values Removed: (empty)
Values Added: {'score': 6.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N'}



MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-04-08T16:42:20.517Z

Reserved: 2025-04-01T14:58:31.666Z

Link: CVE-2025-3099

Vulnrichment

Updated: 2025-04-02T14:47:20.674Z

NVD

Status: Deferred

Published: 2025-04-02T10:15:20.387

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-3099

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-22T17:45:22Z

Weaknesses