CVE-2025-68076 is a Stored Cross-Site Scripting (XSS) vulnerability identified in the Stockholm Core component of the Select-Themes WordPress theme, affecting versions up to and including 2.4.6. The vulnerability stems from improper neutralization of user-supplied input during the generation of web pages, which allows malicious scripts to be stored on the server and subsequently executed in the browsers of users who visit the affected pages. This type of vulnerability is particularly dangerous because it can persist over time and affect multiple users without requiring the attacker to be present during exploitation. The CVSS 3.1 base score is 6.5, indicating a medium severity level. The vector indicates that the attack can be launched remotely over the network (AV:N), requires low attack complexity (AC:L), but does require privileges (PR:L) and user interaction (UI:R). The scope is changed (S:C), meaning the vulnerability affects components beyond the initially vulnerable component. The impact affects confidentiality, integrity, and availability to a limited extent (C:L/I:L/A:L). No known exploits are currently reported in the wild, but the vulnerability poses a risk especially in environments where the Stockholm Core theme is used for public-facing websites. Attackers with limited privileges could inject malicious JavaScript that executes in the context of other users, potentially leading to session hijacking, defacement, or redirection to malicious sites. The vulnerability is particularly relevant for organizations relying on WordPress themes from Select-Themes, as it can undermine trust and lead to data leakage or service disruption.

For European organizations, this vulnerability can lead to unauthorized access to user sessions, theft of sensitive information, and potential defacement or disruption of web services. Organizations operating e-commerce, government, or critical service websites using the Stockholm Core theme are at risk of reputational damage and regulatory non-compliance, especially under GDPR if personal data is compromised. The stored nature of the XSS means multiple users can be affected over time, increasing the attack surface. Additionally, attackers could leverage this vulnerability as a foothold for further attacks within the network. The medium severity indicates that while the impact is not catastrophic, it is significant enough to warrant prompt attention to avoid exploitation, particularly in sectors with high web traffic or sensitive user data.

1. Apply patches or updates from Select-Themes as soon as they become available to address this vulnerability. 2. Until patches are released, implement strict input validation and output encoding on all user-supplied data to prevent malicious script injection. 3. Employ Content Security Policy (CSP) headers to restrict the execution of unauthorized scripts and reduce the impact of XSS attacks. 4. Limit user privileges to the minimum necessary to reduce the risk posed by attackers with low-level access. 5. Conduct regular security audits and penetration testing focusing on web application vulnerabilities, including XSS. 6. Educate administrators and users about the risks of interacting with untrusted content and encourage cautious behavior. 7. Monitor web server and application logs for unusual activity that could indicate exploitation attempts. 8. Consider deploying Web Application Firewalls (WAFs) configured to detect and block XSS payloads targeting the Stockholm Core theme.