Nixpkgs security tracker

Untriaged

Permalink CVE-2025-69296

created 1 month, 3 weeks ago

WordPress Aardvark theme <= 4.6.3 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GhostPool Aardvark aardvark allows Reflected XSS.This issue affects Aardvark: from n/a through <= 4.6.3.

References

https://patchstack.com/database/Wordpress/Theme/aardvark/vulnerability/wordpres… vdb-entry

Affected products

aardvark

=<<= 4.6.3

Matching in nixpkgs

pkgs.aardvark-dns

Authoritative dns server for A/AAAA container records

nixos-unstable 1.17.0
- nixpkgs-unstable 1.17.0
- nixos-unstable-small 1.17.0
nixos-25.11 1.16.0
- nixos-25.11-small 1.16.0
- nixpkgs-25.11-darwin 1.16.0

Package maintainers

@vdemeester Vincent Demeester <vincent@sbr.pm>
@saschagrunert Sascha Grunert <mail@saschagrunert.de>

Suggestion detail

References

Affected products

Matching in nixpkgs

pkgs.aardvark-dns

Package maintainers