CVE-2025-68844
Reflected XSS in Membee Login Widget Allows Code Injection
Publication date: 2026-02-20
Last updated on: 2026-02-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| patchstack | membee_login_plugin | to 2.3.6 (inc) |
| daleab | membee_login | to 2.3.6 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
[{'type': 'paragraph', 'content': 'CVE-2025-68844 is a medium severity Cross Site Scripting (XSS) vulnerability affecting the WordPress Membee Login Plugin versions up to and including 2.3.6.'}, {'type': 'paragraph', 'content': 'This vulnerability allows an attacker to inject malicious scriptsβsuch as redirects, advertisements, or other HTML payloadsβthat execute when site visitors access the compromised pages.'}, {'type': 'paragraph', 'content': "Exploitation requires user interaction by a privileged user, such as clicking a malicious link, visiting a crafted page, or submitting a form. Although an unauthenticated attacker can trigger the vulnerability, successful exploitation depends on the privileged user's action."}] [1]
How can this vulnerability impact me? :
[{'type': 'paragraph', 'content': 'This vulnerability can lead to the execution of malicious scripts on your website, which can result in unauthorized redirects, display of unwanted advertisements, or other harmful HTML payloads.'}, {'type': 'paragraph', 'content': "Such exploitation can compromise the integrity and trustworthiness of your website, potentially harming your users and your organization's reputation."}, {'type': 'paragraph', 'content': 'Because exploitation requires privileged user interaction, attackers may attempt to trick authorized users into performing actions that trigger the vulnerability.'}] [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
CVE-2025-68844 is a reflected Cross Site Scripting (XSS) vulnerability in the WordPress Membee Login Plugin versions up to 2.3.6. Detection typically involves monitoring for suspicious HTTP requests that include malicious script payloads targeting the vulnerable plugin endpoints.
While no specific commands are provided, common detection methods include using web application firewalls (WAF) with rules designed to detect XSS payloads, inspecting web server logs for unusual query parameters or script injections, and employing security scanners that test for reflected XSS vulnerabilities on the Membee Login plugin pages.
Patchstack has issued mitigation rules that can help block attacks until the plugin is updated, which may also assist in detecting exploitation attempts.
What immediate steps should I take to mitigate this vulnerability?
[{'type': 'paragraph', 'content': 'The immediate and recommended mitigation step is to update the WordPress Membee Login Plugin to version 2.3.7 or later, which contains the patch for this vulnerability.'}, {'type': 'paragraph', 'content': "Until the update can be applied, users can implement Patchstack's mitigation rules to block attack attempts targeting this vulnerability."}, {'type': 'paragraph', 'content': 'Additionally, enabling automatic mitigation and auto-update options provided by Patchstack can help protect the system from exploitation.'}] [1]