Cross-site Scripting Vulnerability in Stockholm Theme by Select-Themes
CVE-2025-68077

Currently unrated

Key Information:

Vendor: WordPress
Status: Stockholm
Vendor: CVE Published:; 16 December 2025

What is CVE-2025-68077?

The Stockholm theme by Select-Themes is susceptible to a Cross-site Scripting (XSS) vulnerability due to improper input neutralization during web page generation. This vulnerability allows attackers to inject malicious scripts that can be executed in the context of a user's session, potentially leading to unauthorized actions or data exposure. Affected users should update to the latest version to mitigate the risks associated with this issue.