CVE-2025-64208
Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TieLabs Jannah - Extensions jannah-extensions allows DOM-Based XSS. This issue affects Jannah - Extensions: from n/a through <= 1.1.4.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
DOM-Based XSS in TieLabs Jannah - Extensions plugin (<=1.1.4) allows script injection via unsanitized input.
The TieLabs Jannah - Extensions WordPress plugin, versions 1.1.4 and earlier, contains a DOM-Based Cross-Site Scripting (XSS) vulnerability due to improper neutralization of input during web page generation [1]. This flaw enables an attacker to inject arbitrary JavaScript into the browser DOM of a victim visiting the affected site.
Exploitation requires a privileged user (e.g., an administrator) to perform an action, such as clicking a crafted link or visiting a specially prepared page, which triggers the payload execution in their browser [1]. The attack does not require direct interaction with server-side code, as the injection occurs client-side via DOM manipulation.
Successful exploitation could allow a malicious actor to execute arbitrary scripts in the context of the victim's session, leading to potential redirections, display of advertising, or theft of sensitive data like authentication tokens [1]. As a result, the vulnerability could be used in mass-exploit campaigns against vulnerable WordPress sites.
The vulnerability is addressed in version 1.1.5 of the plugin [1]. Administrators are strongly advised to update immediately; those unable to update should contact their hosting provider or web developer for assistance. Patchstack users can enable auto-updates for the plugin [1].
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (2)
- (no CPE) range: <= 1.1.4
- (no CPE) range: <=1.1.4
Patches (0)
No patches discovered yet.
References (1)
News mentions (0)
No linked articles in our index yet.