Cross-site Scripting Vulnerability in TieLabs Jannah Theme
CVE-2025-64207

Currently unrated

Key Information:

Vendor: WordPress
Status: Jannah
Vendor: CVE Published:; 18 December 2025

What is CVE-2025-64207?

The TieLabs Jannah theme is affected by a Cross-site Scripting (XSS) vulnerability that arises from improper neutralization of input during web page generation. This vulnerability opens up opportunities for attackers to inject malicious scripts into web pages viewed by users. As a result, these scripts can execute in the context of a victim's browser session, potentially leading to unauthorized data exposure or session hijacking. Users of the Jannah theme, particularly those using versions equal to or below 7.6.0, should take immediate measures to secure their websites against this vulnerability.