Permalink
CVE-2025-58964
7.1 HIGH
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): NONE
- User interaction (UI): REQUIRED
- Scope (S): CHANGED
- Confidentiality impact (C): LOW
- Integrity impact (I): LOW
- Availability impact (A): LOW
by @LeSuisse Activity log
- Created automatic suggestion
- @LeSuisse dismissed
WordPress Enzy theme < 1.6.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in skygroup Enzy enzy allows Reflected XSS.This issue affects Enzy: from n/a through < 1.6.4.
References
- https://vdp.patchstack.com/database/Wordpress/Theme/enzy/vulnerability/wordpres… vdb-entry
- https://vdp.patchstack.com/database/Wordpress/Theme/enzy/vulnerability/wordpres… vdb-entry
- https://vdp.patchstack.com/database/Wordpress/Theme/enzy/vulnerability/wordpres… vdb-entry
- https://patchstack.com/database/Wordpress/Theme/enzy/vulnerability/wordpress-en… vdb-entry
Affected products
enzy
- =<< 1.6.4
Matching in nixpkgs
pkgs.enzyme
High-performance automatic differentiation of LLVM and MLIR
pkgs.python312Packages.enzyme
Python video metadata parser
pkgs.python313Packages.enzyme
Python video metadata parser
Package maintainers
-
@kiranshila Kiran Shila <me@kiranshila.com>