CVE-2025-57988
Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash uncanny-learndash-toolkit allows Stored XSS. This issue affects Uncanny Toolkit for LearnDash: from n/a through <= 3.7.0.3.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Stored XSS in Uncanny Toolkit for LearnDash allows attackers to inject malicious scripts via improperly neutralized input in WordPress sites.
A stored cross-site scripting (XSS) vulnerability exists in the Uncanny Toolkit for LearnDash plugin for WordPress, affecting versions up to and including 3.7.0.3. It arises from improper neutralization of user input during web page generation: unsanitized or unescaped input can be stored on the server and later executed in the browsers of other users when they access affected pages [1].
Exploitation requires a privileged user, such as an administrator or editor, to take an action like clicking a malicious link or submitting crafted data. This interaction may be initiated by a third-party attacker by tricking a legitimate privileged user into performing the action. No authentication from the attacker's side is needed beyond triggering the privileged user's session [1].
If successfully exploited, an attacker can inject arbitrary HTML and JavaScript code. This payload may include redirects, advertisements, defacement, or other malicious content that executes when visitors view the affected page. Potential impacts include session hijacking, credential theft, or further compromise of the WordPress site [1].
The vendor has released version 3.7.0.4 which patches the issue. Users are strongly advised to update immediately. Patchstack users may enable auto-updates to receive the fix automatically. This vulnerability is considered low severity by the vendor but may still be targeted in mass-exploit campaigns [1].
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: <=3.7.0.3
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
News mentions
No linked articles in our index yet.