CVE-2025-64197 is a stored Cross-site Scripting (XSS) vulnerability found in the sizam Rehub WordPress theme, affecting all versions prior to 19.9.9.1. The vulnerability stems from improper neutralization of user-supplied input during web page generation, which allows attackers to inject malicious JavaScript code that is stored persistently on the affected website. When other users or administrators view the compromised pages, the malicious script executes in their browsers, potentially leading to session hijacking, defacement, or redirection to malicious sites. The vulnerability requires the attacker to have limited privileges (PR:L) and user interaction (UI:R), such as tricking a user into clicking a crafted link or viewing a malicious page. The CVSS v3.1 base score is 6.5, indicating a medium severity with network attack vector, low attack complexity, and scope change. Although no known exploits are currently reported in the wild, the vulnerability poses a significant risk to websites relying on the Rehub theme, particularly those handling sensitive user data or financial transactions. The lack of available patches at the time of reporting necessitates immediate attention to input sanitization and monitoring for suspicious activity.

For European organizations, the impact of this stored XSS vulnerability can be substantial, especially for those operating e-commerce, affiliate marketing, or content-heavy websites using the Rehub theme. Exploitation can lead to unauthorized access to user sessions, theft of sensitive information such as login credentials or personal data, and potential defacement or manipulation of website content. This can damage brand reputation, lead to regulatory non-compliance under GDPR due to data breaches, and cause financial losses. The vulnerability's ability to affect confidentiality, integrity, and availability, combined with the potential for scope change, means that even limited initial access could escalate into broader compromise. Organizations with high web traffic and customer engagement are particularly at risk, as successful exploitation can impact a large user base.

1. Immediately update the Rehub theme to version 19.9.9.1 or later once patches are released by the vendor. 2. Until an official patch is available, implement strict input validation and output encoding on all user-supplied data fields within the website, especially those that generate dynamic content. 3. Employ Content Security Policy (CSP) headers to restrict the execution of unauthorized scripts in browsers. 4. Conduct regular security audits and penetration testing focused on XSS vulnerabilities. 5. Monitor web server and application logs for unusual activities or injection attempts. 6. Educate site administrators and users about the risks of clicking untrusted links or interacting with suspicious content. 7. Consider deploying Web Application Firewalls (WAF) with rules specifically targeting XSS attack patterns to provide an additional layer of defense.