Cross-site Scripting Vulnerability in Favethemes Houzez Theme Functionality
CVE-2025-62057
Currently unrated
Key Information:
- Vendor
WordPress
- Vendor
- CVE Published:
- 6 November 2025
What is CVE-2025-62057?
An improper neutralization of input during web page generation in the Favethemes Houzez Theme Functionality allows attackers to inject malicious scripts into web pages. This XSS vulnerability affects versions from n/a to below 4.2.0, potentially compromising user interactions and exposing sensitive data. It is crucial for users to update to the latest version to safeguard their websites against such attacks.
Affected Version(s)
Houzez Theme - Functionality <= n/a