Severity by source
AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Lifecycle Timeline
1DescriptionCVE.org
The Anomify AI - Anomaly Detection and Alerting plugin for WordPress is vulnerable to Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) in versions up to and including 0.3.6. This is due to missing nonce verification on the settings page handler and insufficient output escaping in the admin_options.php template. The settings form includes no wp_nonce_field() and the handler performs no check_admin_referer() check, meaning any cross-origin POST can modify plugin settings. The API key field is sanitized only with sanitize_text_field(), which strips HTML tags but does not encode double-quote characters; the value is then rendered into an HTML attribute via bare echo without esc_attr(), allowing a double-quote attribute-escape payload to survive both sanitization and storage. This makes it possible for unauthenticated attackers to inject arbitrary web scripts by tricking a logged-in administrator into visiting a malicious page that submits a forged request, storing the payload in the database and causing it to execute in the administrator's browser whenever the plugin settings page is visited.
AnalysisAI
Stored Cross-Site Scripting via CSRF in the Anomify AI WordPress plugin (versions ≤ 0.3.6) allows unauthenticated remote attackers to inject persistent JavaScript into the WordPress admin panel by tricking a logged-in administrator into visiting an attacker-controlled page. The attack chains two flaws: a missing nonce check on the settings handler (no check_admin_referer()) that permits any cross-origin POST to modify plugin settings, and a double-quote escape bypass where the API key value is stored after sanitize_text_field() sanitization but rendered into an HTML attribute via bare echo without esc_attr(), allowing the payload to survive both sanitization and storage. No public exploit has been identified at time of analysis, and the CVE is not listed in the CISA KEV catalog.
Technical ContextAI
The affected component is the Anomify AI anomaly detection and alerting plugin for WordPress, developed by simonholliday (CPE: cpe:2.3:a:simonholliday:anomify_ai_-_anomaly_detection_and_alerting:*:*:*:*:*:*:*:*). The root cause is CWE-352 (Cross-Site Request Forgery), compounded by a secondary output-encoding failure. WordPress's built-in nonce system (wp_nonce_field() / check_admin_referer()) is the standard defense against CSRF on admin form handlers; its complete absence in Admin.php (line 31) means any authenticated browser session can be abused via a forged POST. The XSS component exploits the semantic gap between sanitize_text_field() - which removes HTML tags but preserves double-quote characters - and the HTML attribute context in admin_options.php (line 43) where the value is echoed without esc_attr(). A payload such as " onmouseover=alert(1) x=" survives sanitize_text_field() intact, is written to the WordPress options table, and fires whenever the settings page renders. This is a classic stored attribute-injection pattern specific to PHP/WordPress development.
RemediationAI
No vendor-released patch version has been identified in the available data; the CPE and all source references point to 0.3.6 as the most recent tagged version without a confirmed fix. Site operators should monitor the WordPress plugin repository and the Wordfence advisory at https://www.wordfence.com/threat-intel/vulnerabilities/id/a1e02c2d-a38a-495c-9c37-098049297be2 for a patched release. As a compensating control, deactivating or uninstalling the Anomify AI plugin eliminates the attack surface entirely with no functional trade-off for sites that can operate without anomaly detection. If the plugin cannot be removed, restrict access to the WordPress admin panel (wp-admin) by IP allowlist at the web server or WAF layer, which prevents the CSRF forged POST from reaching the settings handler even if an admin clicks a malicious link. Additionally, ensure administrators do not browse arbitrary external sites while logged into WordPress in the same browser session. Wordfence firewall users may benefit from CSRF-protection rules, but this is not a substitute for patching.
sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not
(1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5) boardDataWW.php in Netgear
ProjectSend versions prior to r1720 are affected by an improper authentication vulnerability. Rated critical severity (C
Roundcube Webmail contains a critical PHP object deserialization vulnerability (CVE-2025-49113, CVSS 9.9) that allows au
Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP c
Palo Alto Networks PAN-OS management web interface contains an authentication bypass allowing unauthenticated attackers
Nagios XI version xi-5.7.5 is affected by OS command injection. Rated high severity (CVSS 8.8), this vulnerability is re
Nagios XI version xi-5.7.5 is affected by OS command injection. Rated high severity (CVSS 8.8), this vulnerability is re
The get_referers function in /opt/ws/bin/sblistpack in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows
The Backup Migration plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1
NetAlertX (formerly PiAlert) versions 23.01.14 through 24.x before 24.10.12 allow unauthenticated command injection thro
The GiveWP - Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all
Same weakness CWE-352 – Cross-Site Request Forgery (CSRF)
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-31070
GHSA-6hfc-j326-f823