What is the severity of CVE-2025-22517?

CVE-2025-22517 has a severity rating of MEDIUM with a CVSS base score of 6.5.

CVE-2025-22517 | Medium Vulnerability in Ben Huson List Pages at Depth

Q: What is CVE-2025-22517?

CVE-2025-22517 is a medium-severity Cross-site Scripting (XSS) vulnerability in the List Pages at Depth plugin. This vulnerability allows attackers to execute scripts in the context of users' browsers, compromising sensitive information. Organizations should prioritize remediation to mitigate risks associated with potential exploitation.

CVE-2025-22517 is a medium-severity vulnerability that allows improper neutralization of input during web page generation, specifically a Cross-site Scripting (XSS) issue in the Ben Huson List Pages at Depth plugin. This vulnerability affects versions of the plugin up to and including version 1.5. The CVSS score assigned to this vulnerability is 6.5, indicating a medium level of risk. Organizations using this plugin should take immediate action to address this vulnerability.

The risk to organizations includes potential unauthorized access to sensitive information through stored XSS attacks. Attackers may leverage this vulnerability to execute scripts in the context of users' browsers, which can lead to session hijacking, data exfiltration, or other malicious activities. Given the increasing sophistication of web-based attacks, organizations must remain vigilant.

Currently, there is no known public exploit for this vulnerability, and it is classified as deferred. However, organizations are advised to prioritize patching this vulnerability as part of their security posture, especially considering the potential for exploitation in the wild.

Organizations should prioritize patching immediately. Implementing security measures that include regular code reviews, input validation, and utilizing web application firewalls can help mitigate the risks associated with this vulnerability.

Vulnerability Details

The CVE-2025-22517 vulnerability is characterized by improper neutralization of input during web page generation, which allows for stored XSS. The affected component is the List Pages at Depth plugin, and the vulnerability impacts all versions up to and including 1.5. This issue is classified under CWE-79, which pertains to improper neutralization in web environments.

The CVSS score for this vulnerability is 6.5, placing it in the medium severity category. This score is derived from factors including an attack vector of NETWORK, low attack complexity, and the requirement for user interaction. The potential impacts include low confidentiality, integrity, and availability.

The vulnerability was published on January 7, 2025, and has since been categorized as deferred. Organizations should stay updated on the latest patches and security advisories related to this plugin.

Technical Analysis

The root cause of CVE-2025-22517 lies in insufficient input sanitization within the List Pages at Depth plugin. The attack vector is network-based, allowing remote attackers to inject malicious scripts. The attack complexity is low, with privileges required being low as well. User interaction is necessary, as users must visit a compromised page for the attack to succeed.

The confidentiality impact is low, as the vulnerability does not directly compromise sensitive data. However, the integrity and availability impacts are also rated as low, indicating that while the vulnerability exists, the overall risk may be limited without additional vulnerabilities being present.

Risk & Impact Analysis

The deployment of the List Pages at Depth plugin in various web applications poses a significant risk to organizations. The potential for stored XSS attacks means that attackers could gain unauthorized access to user sessions, leading to data breaches and loss of user trust. Organizations must recognize that the blast radius of this vulnerability can extend beyond the initial target, affecting users and potentially leading to widespread exploitation.

The urgency for remediation is classified as medium, as the vulnerability is currently deferred but still presents a risk that should not be ignored. Organizations should assess their exposure to this vulnerability and take proactive steps to mitigate the impacts.

Implementing security testing measures such as regular penetration testing and vulnerability assessments can help organizations identify and remediate similar vulnerabilities in their systems.

Exploitation Status

Signal	Status
Known Exploit	No
Public PoC	No
Actively Exploited	No
Ransomware Use	No

Affected Versions

The vulnerability affects the List Pages at Depth plugin versions up to and including 1.5. Organizations using this plugin should ensure they are on a patched version to mitigate the associated risks.

Mitigation & Remediation

Organizations should implement the following mitigation strategies to address this vulnerability: Patch and update the List Pages at Depth plugin to the latest available version. Regularly review and update security configurations to ensure robust defense against XSS vulnerabilities. Additionally, organizations should utilize secure coding practices to minimize the potential for similar vulnerabilities in the future.

For further assistance, organizations may consider engaging in penetration testing services to identify and mitigate similar vulnerabilities.

Detection Guidance

To detect exploitation attempts related to CVE-2025-22517, organizations should monitor logs for unusual activity, specifically focusing on user input fields that may be vulnerable to XSS. Behavioral anomalies such as unexpected script execution or redirection can also indicate potential exploitation.

AppSecure Threat Intelligence Insight

The long-term significance of CVE-2025-22517 highlights the persistent risks associated with web application vulnerabilities, particularly XSS. Security teams should recognize the patterns of vulnerabilities that emerge in web applications and the importance of maintaining a proactive security posture. This case underscores the need for regular security assessments and the adoption of best practices in web application security, helping organizations mitigate risks effectively.

Organizations can enhance their defenses by establishing comprehensive vulnerability management programs that include ongoing training and awareness initiatives for developers and stakeholders.

Additionally, leveraging resources such as penetration testing methodology can assist in identifying weaknesses proactively, while maintaining up-to-date knowledge on emerging threats will empower organizations to respond effectively.

In conclusion, CVE-2025-22517 serves as a reminder of the importance of secure coding practices and the need for continuous improvement in application security. By adopting a proactive approach, organizations can significantly reduce their risk exposure.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2025-22517: Medium Vulnerability in Ben Huson List Pages at Depth