Object Injection Vulnerability in TieLabs Jannah Theme
CVE-2025-64206

Currently unrated

Key Information:

Vendor

WordPress
Status
Jannah
Vendor
CVE Published:
18 December 2025

What is CVE-2025-64206?

A deserialization of untrusted data vulnerability exists in the TieLabs Jannah Theme, allowing for potential object injection. This issue affects versions of Jannah up to and including 7.6.0. Attackers could exploit this vulnerability to inject harmful objects into the server, leading to unauthorized actions or data exposure. It is critical for users to update their Jannah installations to mitigate potential security risks.

Affected Version(s)

Jannah <= n/a

References

https://vdp.patchstack.com/database/Wordpress/Theme/janna...
vdb-entry

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

João Pedro S Alcântara (Kinorth) | Patchstack Bug Bounty Program
JSON
.
CVE-2025-64206 : Object Injection Vulnerability in TieLabs Jannah Theme