CVE-2025-68845 identifies a reflected Cross-site Scripting (XSS) vulnerability in the eDS Responsive Menu plugin developed by aThemeArt Translations, affecting all versions up to and including 1.2. The vulnerability stems from improper neutralization of user-supplied input during the generation of web pages, allowing attackers to inject malicious JavaScript code that is reflected back to users. When a victim clicks a specially crafted link or visits a manipulated URL, the injected script executes in their browser context, potentially enabling attackers to steal session cookies, perform actions on behalf of the user, or redirect users to malicious sites. This vulnerability does not require the attacker to be authenticated, increasing its risk profile, but does require user interaction. No official patches or fixes have been published at the time of disclosure, and no known exploits have been reported in the wild. The vulnerability primarily impacts websites using the vulnerable plugin, which is commonly deployed on WordPress sites to provide responsive menu functionality. The lack of input sanitization and output encoding in the plugin's codebase is the root cause. The reflected XSS nature means the attack vector is typically through crafted URLs or HTTP requests that include malicious payloads. The vulnerability affects the confidentiality and integrity of user data and can undermine user trust in affected websites. The absence of a CVSS score necessitates a manual severity assessment based on the vulnerability's characteristics.

The primary impact of CVE-2025-68845 is the compromise of user confidentiality and integrity on websites using the vulnerable eDS Responsive Menu plugin. Successful exploitation can lead to session hijacking, allowing attackers to impersonate legitimate users and access sensitive information or perform unauthorized actions. It can also facilitate phishing attacks by redirecting users to malicious sites or displaying fraudulent content. For organizations, this can result in data breaches, loss of customer trust, reputational damage, and potential regulatory penalties if personal data is compromised. The vulnerability affects the availability of secure user interactions by undermining the trustworthiness of the website interface. Since the plugin is used in WordPress environments, which power a significant portion of the web, the scope of affected systems is broad, especially for sites that have not updated or patched the plugin. The ease of exploitation without authentication and the requirement for only user interaction increase the likelihood of successful attacks. However, the lack of known exploits in the wild suggests that exploitation is not yet widespread, providing a window for remediation.

Organizations should immediately inventory their WordPress installations to identify the presence of the eDS Responsive Menu plugin and its version. Until an official patch is released, administrators should consider disabling or removing the plugin to eliminate the attack surface. Implement strict input validation and output encoding on all user-supplied data to prevent injection of malicious scripts. Deploy Content Security Policy (CSP) headers to restrict the execution of unauthorized scripts and reduce the impact of potential XSS attacks. Educate users and administrators about the risks of clicking unknown or suspicious links. Monitor web traffic and logs for unusual requests that may indicate attempted exploitation. Once a patch becomes available from the vendor, apply it promptly and verify the fix through testing. Additionally, consider using web application firewalls (WAFs) with rules designed to detect and block reflected XSS payloads targeting this plugin. Regularly update all WordPress plugins and themes to minimize exposure to known vulnerabilities.