Jeroen Schmit Theater for WordPress allows hackers to inject malicious scripts

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

6.5

Jeroen Schmit Theater for WordPress allows hackers to inject malicious scripts

CVE-2025-69343

Summary

A security issue in Jeroen Schmit Theater for WordPress plugin allows hackers to inject malicious scripts into a website, potentially allowing them to steal user data or take control of the site. This affects all versions up to 0.19. Update to the latest version to fix the issue.

Original title

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jeroen Schmit Theater for WordPress theatre allows Stored XSS.This issue affects Theater for Wo...

Original description

Vulnerability type

CWE-79 Cross-site Scripting (XSS)

https://patchstack.com/database/Wordpress/Plugin/theatre/vulnerability/wordpress...

Published: 5 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026