CVE-2025-68978

Name of the Vulnerable Software and Affected Versions designthemes DesignThemes Core versions through 1.6

Description The software contains a flaw related to improper input handling during web page generation, leading to a Cross-site Scripting (XSS) condition. Specifically, the issue manifests as a DOM-Based XSS. The vulnerability allows for the injection of malicious scripts into web pages viewed by users.

Recommendations Update to a version later than 1.6.