CVE-2025-69334 is a stored Cross-site Scripting (XSS) vulnerability identified in the WPFactory Wishlist for WooCommerce plugin, specifically affecting versions up to and including 3.3.0. The vulnerability stems from improper neutralization of user-supplied input during the generation of web pages, allowing malicious scripts to be stored persistently within the wishlist data. When other users or administrators view the affected pages, the injected scripts execute in their browsers, potentially leading to session hijacking, credential theft, or unauthorized actions performed with the victim's privileges. The CVSS 3.1 base score is 6.5, indicating a medium severity level. The vector indicates network attack vector (AV:N), low attack complexity (AC:L), requiring privileges (PR:L), user interaction (UI:R), and a scope change (S:C) with low impacts on confidentiality, integrity, and availability (C:L/I:L/A:L). Exploitation requires an attacker to have at least low privileges on the site and for a user to interact with the malicious content. No public exploits are currently known, but the vulnerability is publicly disclosed and should be addressed promptly. The vulnerability affects the popular WooCommerce plugin used for managing wishlists, a common feature in e-commerce platforms, making it relevant for many online stores.

For European organizations, particularly e-commerce businesses using WooCommerce with the WPFactory Wishlist plugin, this vulnerability poses a risk of client-side attacks that can compromise user sessions and data integrity. Attackers exploiting this flaw could execute arbitrary JavaScript in the context of the affected website, potentially stealing cookies, redirecting users to malicious sites, or performing unauthorized actions on behalf of users. This can lead to reputational damage, loss of customer trust, and regulatory consequences under GDPR if personal data is compromised. The medium severity reflects that while the impact is significant, exploitation requires some privileges and user interaction, limiting the attack surface. However, given the widespread use of WooCommerce in Europe, the aggregate risk is non-trivial. The vulnerability could also be leveraged as part of more complex attack chains targeting critical business operations or customer data.

European organizations should immediately monitor for updates from WPFactory and apply patches as soon as they are released to fix this vulnerability. Until a patch is available, administrators should consider disabling the Wishlist for WooCommerce plugin if feasible or restrict its usage to trusted users only. Implementing Web Application Firewalls (WAFs) with rules to detect and block XSS payloads targeting wishlist-related endpoints can provide temporary protection. Additionally, organizations should audit and sanitize all user inputs related to wishlist features, applying strict output encoding to prevent script execution. Security teams should also monitor logs for unusual activity or error messages indicating attempted exploitation. User education to recognize phishing or suspicious links can reduce the risk of successful user interaction with malicious payloads. Finally, conducting regular security assessments and penetration tests focusing on plugin vulnerabilities will help identify and remediate similar issues proactively.