CVE-2025-64194

Vulnerability

Overview

The Eduma theme by ThimPress for WordPress is vulnerable to Stored Cross-Site Scripting (XSS) due to improper neutralization of user-supplied input during web page generation. This flaw affects all versions up to and including 5.7.6 [1]. An attacker with sufficient privileges can inject arbitrary web scripts that are stored on the server and executed in the browsers of other users.

Exploitation

Conditions

Exploitation requires a privileged user, such as an administrator, to perform an action like clicking a malicious link or submitting a crafted form. The vulnerability can be initiated by a user with contributor-level access or higher, but successful execution depends on another privileged user interacting with the injected content [1]. This type of vulnerability is commonly used in mass-exploit campaigns targeting thousands of WordPress sites.

Impact

A successful attack allows the injection of malicious scripts, including redirects, advertisements, and other HTML payloads. These scripts execute when visitors access the affected page, potentially leading to site defacement, credential theft, or further compromise of the WordPress installation [1].

Mitigation

The vendor has released version 5.7.7 which addresses the vulnerability. Users are strongly advised to update immediately. If updating is not possible, consult with a hosting provider or web developer for alternative mitigations [1].