CVE-2025-64207
Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TieLabs Jannah jannah allows DOM-Based XSS. This issue affects Jannah: from n/a through <= 7.6.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A DOM-based XSS vulnerability in the Jannah theme (≤7.6.0) allows attackers to inject arbitrary scripts via the theme's input handling.
Vulnerability Overview
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability has been discovered in the TieLabs Jannah WordPress theme, affecting versions from n/a through 7.6.0. This is a DOM-based XSS vulnerability, meaning the malicious script is executed on the client side due to unsafe handling of user input within the page's DOM environment [1]. The flaw resides in the theme's failure to properly sanitize input before inserting it into the web page, allowing an attacker to inject arbitrary HTML or JavaScript.
Exploitation and Attack Surface
Exploitation requires a privileged user (e.g., an administrator) to perform an action such as clicking a malicious link, visiting a crafted page, or submitting a specially crafted form [1]. The attack can be launched remotely over the network, but interaction by a legitimate user is necessary for the payload to execute. The vulnerability is considered moderately dangerous and is expected to be exploited, with potential for use in mass-exploitation campaigns targeting thousands of websites regardless of their traffic or popularity [1].
Impact
If successfully exploited, an attacker could inject malicious scripts into the website, leading to actions such as injecting redirects, displaying advertisements, or delivering other HTML payloads that execute when visitors load the site [1]. This could compromise the integrity and trustworthiness of the affected website, potentially leading to further attacks on its visitors.
Mitigation and Remediation
Users are advised to update the Jannah theme to version 7.6.1 or later to resolve the vulnerability [1]. As an immediate measure, administrators can apply Patchstack's mitigation rule to block attacks until the patch is applied. Those unable to update should consult their hosting provider or web developer for assistance [1]. No workaround besides updating has been officially documented.
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
News mentions
No linked articles in our index yet.