Filtered by vendor Tagdiv
Subscriptions
Filtered by product Newspaper
Subscriptions
Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-2167 | 1 Tagdiv | 1 Newspaper | 2022-11-01 | 6.1 Medium |
The Newspaper WordPress theme before 12 does not sanitise a parameter before outputting it back in an HTML attribute via an AJAX action, leading to a Reflected Cross-Site Scripting | ||||
CVE-2022-2627 | 1 Tagdiv | 1 Newspaper | 2022-11-01 | 6.1 Medium |
The Newspaper WordPress theme before 12 does not sanitise a parameter before outputting it back in an HTML attribute via an AJAX action, leading to a Reflected Cross-Site Scripting. | ||||
CVE-2021-3135 | 1 Tagdiv | 1 Newspaper | 2021-07-28 | 6.1 Medium |
An issue was discovered in the tagDiv Newspaper theme 10.3.9.1 for WordPress. It allows XSS via the wp-admin/admin-ajax.php td_block_id parameter in a td_ajax_block API call. | ||||
CVE-2016-10972 | 1 Tagdiv | 1 Newspaper | 2019-09-16 | 9.8 Critical |
The newspaper theme before 6.7.2 for WordPress has a lack of options access control via td_ajax_update_panel. | ||||
CVE-2017-18634 | 1 Tagdiv | 1 Newspaper | 2019-09-16 | 9.8 Critical |
The newspaper theme before 6.7.2 for WordPress has script injection via td_ads[header] to admin-ajax.php. |
Page 1 of 1.