Description
The Browser Sniff plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.3. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Published: 2025-09-20
Score: 6.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Stored Cross‑Site Scripting via CSRF
Action: Patch Now
AI Analysis

Impact

The Browser Sniff plugin for WordPress is affected by a missing or incorrect nonce check that allows Cross‑Site Request Forgery. An unauthenticated attacker can trick a site administrator into performing a forged request, such as clicking a link, which results in the administrator updating plugin settings with malicious scripts. These scripts are stored and executed in the administrators’ and visitors’ browsers, enabling theft of credentials, session hijacking, or defacement.

Affected Systems

The vulnerability exists in all versions of the Browser Sniff plugin up to and including 2.3. Only WordPress sites that have the Browser Sniff plugin installed and have not upgraded beyond 2.3 are at risk.

Risk and Exploitability

The CVSS score of 6.1 indicates moderate severity, while the EPSS score of less than 1% suggests a low probability of exploitation in the wild. The vulnerability is not listed in the CISA KEV catalog. Exploitation requires a privileged (administrator) user to unknowingly click a crafted link, making the attack vector reliant on social engineering. Because the attack surface is limited to sites with the affected plugin and an active admin account, the overall risk is moderate but still actionable.

Generated by OpenCVE AI on April 20, 2026 at 21:46 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the Browser Sniff plugin to the latest version or remove it if it is no longer required.
  • If the plugin must remain, configure WordPress to restrict access to the plugin’s settings page to users with the Administrator role and enforce a valid nonce check on all settings forms.
  • Educate site administrators to be cautious of suspicious links and consider enabling two‑factor authentication or limiting admin access to mitigate social‑engineering risks.
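For the "enforce a valid nonce check on all settings forms" recommendation above, the following is an added illustration of the vulnerable pattern beside its hardened form. It is not Browser Sniff's own code; the option name `bsniff_example_settings`, the nonce action `bsniff_save_settings`, and the `notice_text` field are assumed.

```php
<?php
// Added example, not Browser Sniff's own code. Option name 'bsniff_example_settings',
// nonce action 'bsniff_save_settings' and the 'notice_text' field are assumed.

// Vulnerable pattern (CWE-352): the handler trusts any POST that arrives with the
// administrator's cookies, so a forged cross-site form submission updates the option.
function bsniff_save_settings_vulnerable() {
    $notice = $_POST['notice_text'] ?? '';
    update_option( 'bsniff_example_settings', array( 'notice_text' => $notice ) );
}

// Hardened form: the nonce field ties the submission to this user and this action.
function bsniff_render_settings_form() {
    $opts = get_option( 'bsniff_example_settings', array( 'notice_text' => '' ) );
    ?>
    <form method="post" action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>">
        <input type="hidden" name="action" value="bsniff_save_settings">
        <?php wp_nonce_field( 'bsniff_save_settings', 'bsniff_nonce' ); ?>
        <textarea name="notice_text"><?php echo esc_textarea( $opts['notice_text'] ); ?></textarea>
        <?php submit_button( 'Save' ); ?>
    </form>
    <?php
}

// Hardened handler: capability check, nonce check, then sanitize before storing.
function bsniff_save_settings_hardened() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.', 403 );
    }
    // Stops with a 403 "link expired" page when the nonce is missing or invalid; a
    // third-party site cannot read the per-user nonce, so a forged request fails here.
    check_admin_referer( 'bsniff_save_settings', 'bsniff_nonce' );

    // Strip tags so the stored value cannot carry script even if a template later
    // forgets to escape it on output (defence in depth; still escape on output).
    $notice = sanitize_text_field( wp_unslash( $_POST['notice_text'] ?? '' ) );
    update_option( 'bsniff_example_settings', array( 'notice_text' => $notice ) );

    wp_safe_redirect( add_query_arg( 'settings-updated', 'true', wp_get_referer() ?: admin_url() ) );
    exit;
}
add_action( 'admin_post_bsniff_save_settings', 'bsniff_save_settings_hardened' );
```

The nonce check complements the capability check rather than replacing it: `check_admin_referer()` proves the request originated from a form WordPress rendered for this user, while `current_user_can()` proves the user is allowed to change the setting at all.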


Tracking


Advisories
Source: EUVD
ID: EUVD-2025-30306
Title: The Browser Sniff plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.3. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
History

Mon, 22 Sep 2025 15:15:00 +0000

Type: Metrics (ssvc)
Values Removed: none
Values Added: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 22 Sep 2025 10:15:00 +0000

Type: First Time appeared
Values Removed: none
Values Added: Wordpress; Wordpress wordpress

Type: Vendors & Products
Values Removed: none
Values Added: Wordpress; Wordpress wordpress

Sat, 20 Sep 2025 07:00:00 +0000

Type: Description
Values Removed: none
Values Added: The Browser Sniff plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.3. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

Type: Title
Values Removed: none
Values Added: Browser Sniff <= 2.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting

Type: Weaknesses
Values Removed: none
Values Added: CWE-352

Type: References

Type: Metrics (cvssV3_1)
Values Removed: none
Values Added: {'score': 6.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N'}


Subscriptions

Wordpress Wordpress
MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-04-08T17:17:37.127Z

Reserved: 2025-09-02T21:55:31.760Z

Link: CVE-2025-9883

Vulnrichment

Updated: 2025-09-22T14:55:51.819Z

NVD

Status : Deferred

Published: 2025-09-20T07:15:36.297

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-9883

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-20T22:00:11Z

Weaknesses