Vulnerabilities > Tagdiv > Newspaper > 10.3.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-10-31 | CVE-2022-2167 | Cross-site Scripting vulnerability in Tagdiv Newspaper The Newspaper WordPress theme before 12 does not sanitise a parameter before outputting it back in an HTML attribute via an AJAX action, leading to a Reflected Cross-Site Scripting | 6.1 |
2022-10-31 | CVE-2022-2627 | Cross-site Scripting vulnerability in Tagdiv Newspaper The Newspaper WordPress theme before 12 does not sanitise a parameter before outputting it back in an HTML attribute via an AJAX action, leading to a Reflected Cross-Site Scripting. | 6.1 |