CVE-2025-47610 is a stored Cross-site Scripting (XSS) vulnerability classified under CWE-79, affecting the Wetail WooCommerce Fortnox Integration plugin up to version 4.5.6. This vulnerability arises from improper neutralization of input during web page generation, allowing malicious actors to inject and store arbitrary scripts within the application. When other users or administrators access the affected pages, the malicious scripts execute in their browsers, potentially leading to session hijacking, credential theft, unauthorized actions, or the spread of malware. The vulnerability requires low privileges (PR:L) and user interaction (UI:R) to exploit, but it can be triggered remotely over the network (AV:N) without physical access. The scope is changed (S:C), indicating that the vulnerability affects resources beyond the vulnerable component, potentially impacting the entire web application or user sessions. The CVSS v3.1 base score is 6.5, reflecting a medium severity level with partial impacts on confidentiality, integrity, and availability. No known exploits are currently reported in the wild, and no official patches have been linked yet. The vulnerability is particularly relevant for organizations using WooCommerce with the Fortnox Integration plugin, which is commonly used for e-commerce and ERP synchronization, especially in European markets where Fortnox is popular.

For European organizations, the impact of this stored XSS vulnerability can be significant, especially for e-commerce businesses relying on WooCommerce and Fortnox Integration for order and inventory management. Exploitation could lead to unauthorized access to user sessions, theft of sensitive customer data, manipulation of order information, or injection of malicious content affecting customer trust and brand reputation. Given the integration with Fortnox, which is widely used in Nordic countries for financial and ERP services, the vulnerability could also indirectly affect financial data integrity and compliance with data protection regulations such as GDPR. The medium severity score suggests that while the vulnerability is not critical, it poses a tangible risk that could disrupt business operations and lead to regulatory penalties if exploited. The requirement for some level of privilege and user interaction limits the attack surface but does not eliminate the risk, especially in environments with multiple users and administrators.

To mitigate this vulnerability, organizations should: 1) Monitor for updates from Wetail and apply patches promptly once available. 2) Implement strict input validation and output encoding on all user-supplied data within the WooCommerce Fortnox Integration plugin to prevent script injection. 3) Employ Content Security Policy (CSP) headers to restrict the execution of unauthorized scripts in browsers. 4) Limit user privileges to the minimum necessary, reducing the risk of privileged users being exploited. 5) Conduct regular security audits and penetration testing focusing on web application inputs and integrations. 6) Educate administrators and users about the risks of clicking on suspicious links or interacting with untrusted content within the application. 7) Consider deploying Web Application Firewalls (WAF) with rules tailored to detect and block XSS payloads targeting the affected plugin. These measures, combined, will reduce the likelihood and impact of exploitation beyond generic advice.