Severity by source
AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
Lifecycle Timeline
2DescriptionCVE.org
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WEN Themes WEN Logo Slider allows DOM-Based XSS.
This issue affects WEN Logo Slider: from n/a through 3.4.0.
AnalysisAI
DOM-based cross-site scripting (XSS) in WEN Logo Slider WordPress plugin through version 3.4.0 allows authenticated high-privilege users to inject malicious scripts that execute in the browsers of other site visitors when the UI redirects the page, potentially compromising site integrity and user data. The vulnerability requires high-privilege administrator access and user interaction (page redirect), limiting its practical scope to insider threats or compromised admin accounts.
Technical ContextAI
WEN Logo Slider is a WordPress plugin that manages logo carousels. The vulnerability stems from improper neutralization of user input during web page generation (CWE-79), specifically in DOM-based XSS scenarios. The plugin fails to properly sanitize or escape input before it is used in client-side JavaScript execution contexts, allowing attackers with administrator privileges to craft malicious payloads. DOM-based XSS differs from reflected/stored XSS in that the vulnerability exists in client-side code logic rather than server-side rendering, making detection via traditional server logs difficult.
RemediationAI
Update WEN Logo Slider to a version newer than 3.4.0 released by WEN Themes. WordPress administrators should navigate to their plugin management dashboard, locate WEN Logo Slider, and apply the available update immediately. If a patched version is not yet available, implement access controls by restricting administrator role assignment to trusted users only, enforce multi-factor authentication on all administrator accounts to prevent unauthorized access, and audit plugin settings and logo slider configurations for any suspicious modifications. The Patchstack advisory should be consulted for specific patched version availability. Since exploitation requires high-privilege access combined with user interaction, sites with strictly controlled administrator access face minimal risk during the patching window.
Same weakness CWE-79 – Cross-site Scripting (XSS)
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-209712
GHSA-3jg8-qc6x-c493