CVE-2025-69343
Stored XSS in Theater for WordPress Plugin
Publication date: 2026-03-05
Last updated on: 2026-03-10
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| jeroen_schmit | theater_for_wordpress | From 0.0 (inc) to 0.19 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
[{'type': 'paragraph', 'content': 'CVE-2025-69343 is a medium severity Cross Site Scripting (XSS) vulnerability affecting the WordPress plugin "Theater for WordPress" versions up to and including 0.19.'}, {'type': 'paragraph', 'content': 'This vulnerability allows a malicious actor to inject and execute arbitrary scriptsβsuch as redirects, advertisements, or other HTML payloadsβon websites using the affected plugin.'}, {'type': 'paragraph', 'content': 'Exploitation requires user interaction by a privileged user (Subscriber or Developer role), who must perform an action like clicking a malicious link, visiting a crafted page, or submitting a form.'}] [1]
How can this vulnerability impact me? :
[{'type': 'paragraph', 'content': 'The vulnerability can allow attackers to execute arbitrary scripts on your website, which can lead to unauthorized actions such as redirects to malicious sites, displaying unwanted advertisements, or stealing sensitive information.'}, {'type': 'paragraph', 'content': "Since exploitation requires interaction by a privileged user, it can compromise trusted users' sessions and potentially lead to further security breaches."}, {'type': 'paragraph', 'content': "This can damage your website's integrity, user trust, and overall security posture."}] [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves Stored Cross-Site Scripting (XSS) in the Theater for WordPress plugin, which requires user interaction by privileged users. Detection typically involves monitoring for unusual script injections or unexpected HTML payloads executed in the context of the affected website.
While specific commands are not provided in the available resources, common detection methods include scanning the website for suspicious input fields or stored content that may contain malicious scripts, and reviewing web server logs for unusual requests or payloads.
Additionally, using web vulnerability scanners that support detection of stored XSS vulnerabilities on WordPress plugins can help identify exploitation attempts.
What immediate steps should I take to mitigate this vulnerability?
The primary immediate mitigation step is to update the Theater for WordPress plugin to version 0.19.1 or later, where the vulnerability has been patched.
Until the plugin is updated, users are advised to apply the automatic mitigation rule provided by Patchstack to block attacks targeting this vulnerability.
Enabling auto-update functionality for the plugin can also help ensure that future vulnerabilities are patched promptly.