Salient Shortcodes CVE-2025-68079
MEDIUMSeverity by source
AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
Lifecycle Timeline
1DescriptionCVE.org
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeNectar Salient Shortcodes salient-shortcodes allows Stored XSS.This issue affects Salient Shortcodes: from n/a through <= 1.5.4.
AnalysisAI
Stored cross-site scripting (XSS) in ThemeNectar Salient Shortcodes WordPress plugin through version 1.5.4 allows authenticated users with low privileges to inject malicious scripts that execute in the context of higher-privileged administrators or other site visitors. The vulnerability requires user interaction (UI:R in CVSS vector) and affects the shortcode generation functionality, enabling persistence of malicious payloads in page content. EPSS score of 0.06% indicates low real-world exploitation probability despite the moderate CVSS 6.5 rating.
Technical ContextAI
Salient Shortcodes is a WordPress plugin that provides shortcode functionality for the Salient theme. The vulnerability stems from improper input neutralization (CWE-79) during web page generation, where user-supplied data embedded in shortcodes is not adequately sanitized or escaped before output. This classic stored XSS vulnerability allows attackers to inject arbitrary JavaScript that persists in the WordPress database and executes when the page is viewed. The WordPress plugin ecosystem relies on proper escaping functions (esc_attr, wp_kses_post, etc.) at output time; the absence or misapplication of these functions in shortcode rendering creates the vulnerability.
Affected ProductsAI
ThemeNectar Salient Shortcodes WordPress plugin versions from an unspecified baseline through 1.5.4 are affected. The vendor advisory from Patchstack indicates that version 1.5.4 and all prior versions contain the vulnerability. No CPE string was provided in the available data, but the plugin can be identified in WordPress plugin repositories with slug 'salient-shortcodes'.
RemediationAI
Update Salient Shortcodes to a patched version above 1.5.4. Visit the plugin's WordPress.org repository or ThemeNectar's official site to download the latest release, or use the WordPress admin dashboard 'Plugins' → 'Updates' to apply the patch automatically. If an immediate patch is unavailable, restrict the capability to edit shortcodes to trusted administrators only by removing 'edit_posts' or 'edit_pages' capabilities from contributor and author roles using role management plugins (trade-off: reduces content creator flexibility). Audit existing shortcode content in pages and posts for suspicious code using WordPress admin search or database queries (SELECT * FROM wp_posts WHERE post_content LIKE '%<script%'). Enable a Web Application Firewall (WAF) to detect and block reflected/stored XSS payloads in shortcode parameters as a temporary compensating control.
Same weakness CWE-79 – Cross-site Scripting (XSS)
View allShare
External POC / Exploit Code
Leaving vuln.today