Range Slider Addon for Gravity Forms CVE-2025-49905
HIGHSeverity by source
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
Lifecycle Timeline
6DescriptionCVE.org
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PluginsCafe Range Slider Addon for Gravity Forms range-slider-addon-for-gravity-forms allows Reflected XSS.This issue affects Range Slider Addon for Gravity Forms: from n/a through <= 1.1.6.
AnalysisAI
Reflected cross-site scripting in Range Slider Addon for Gravity Forms (versions ≤1.1.6) allows remote attackers to execute arbitrary JavaScript in victim browsers via crafted URLs. The vulnerability requires user interaction (clicking a malicious link) but no authentication. EPSS probability is low (0.05%, 17th percentile), and no active exploitation or public POC has been identified. This is a WordPress plugin affecting sites using Gravity Forms with the range slider extension.
Technical ContextAI
This vulnerability stems from CWE-79 (Improper Neutralization of Input During Web Page Generation). The Range Slider Addon for Gravity Forms plugin fails to properly sanitize or encode user-supplied input before reflecting it in HTML output. The WordPress plugin architecture processes form parameters and renders slider controls, but inadequate input validation allows attackers to inject malicious JavaScript payloads that execute when victims view the manipulated page. The reflected XSS nature means the payload is not stored server-side but executed immediately upon page load from a crafted URL. The CVSS scope change (S:C) indicates the vulnerability can affect resources beyond the vulnerable component's security scope, typical of XSS that can access cookies, session tokens, or perform actions in the user's browser context across the WordPress installation.
Affected ProductsAI
PluginsCafe Range Slider Addon for Gravity Forms plugin for WordPress, all versions from initial release through version 1.1.6 inclusive. The plugin extends Gravity Forms functionality with slider input controls. Specific CPE identifiers are not provided in the vulnerability data. Vendor advisory and technical details are available at https://patchstack.com/database/Wordpress/Plugin/range-slider-addon-for-gravity-forms/vulnerability/wordpress-range-slider-addon-for-gravity-forms-plugin-1-1-6-cross-site-scripting-xss-vulnerability?_s_id=cve. The vulnerability was discovered and reported by Patchstack's audit team (audit@patchstack.com), a WordPress security research organization.
RemediationAI
Update Range Slider Addon for Gravity Forms to version 1.1.7 or later if available (check WordPress plugin repository or PluginsCafe for released patches). As of this analysis, no independently confirmed patched version number is documented in the CVE data - verify current version status at https://patchstack.com/database/Wordpress/Plugin/range-slider-addon-for-gravity-forms/ or the official WordPress plugin page. If no patch is released, implement these compensating controls: (1) Deploy a web application firewall (WAF) with XSS detection rules to filter malicious payloads in HTTP parameters - trade-off is potential false positives blocking legitimate form submissions; (2) Implement Content Security Policy headers with strict script-src directives to prevent inline JavaScript execution - may break legitimate plugin functionality requiring inline scripts; (3) Disable the Range Slider Addon plugin entirely if not business-critical - eliminates attack surface but removes slider functionality from Gravity Forms; (4) Restrict WordPress admin access to trusted IP ranges via .htaccess or firewall rules to limit exposure to social engineering attacks - reduces flexibility for remote administration.
Same weakness CWE-79 – Cross-site Scripting (XSS)
View allShare
External POC / Exploit Code
Leaving vuln.today