CVE-2025-67553

Vulnerability

Overview CVE-2025-67553 is a DOM-based Cross-Site Scripting (XSS) vulnerability in the WordPress plugin Advanced FAQ Manager, versions up to and including 1.5.2. The root cause is improper neutralization of user-supplied input during web page generation, leading to script injection within the Document Object Model (DOM) [1].

Exploitation

Exploitation requires a privileged user (e.g., an administrator) to perform an action such as clicking a malicious link or visiting a crafted page. The attacker does not need direct access to the site but must trick a user with sufficient privileges into triggering the payload. Once triggered, the injected script executes in the context of the victim's browser session [1].

Impact

Successful exploitation allows an attacker to inject arbitrary HTML and JavaScript, enabling actions such as redirecting visitors to malicious sites, displaying advertisements, or stealing sensitive data. This can affect all site visitors when the injected script runs [1].

Mitigation

The vendor has released version 1.5.3, which resolves the vulnerability. Users are strongly advised to update immediately. Patchstack users can enable auto-updates for vulnerable plugins. If updating is not possible, contacting the hosting provider or a workaround is recommended [1].