Search
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-3135 | 1 Tagdiv | 1 Newspaper | 2021-07-28 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in the tagDiv Newspaper theme 10.3.9.1 for WordPress. It allows XSS via the wp-admin/admin-ajax.php td_block_id parameter in a td_ajax_block API call. | |||||
| CVE-2016-10972 | 1 Tagdiv | 1 Newspaper | 2019-09-16 | 7.5 HIGH | 9.8 CRITICAL |
| The newspaper theme before 6.7.2 for WordPress has a lack of options access control via td_ajax_update_panel. | |||||
| CVE-2017-18634 | 1 Tagdiv | 1 Newspaper | 2019-09-16 | 7.5 HIGH | 9.8 CRITICAL |
| The newspaper theme before 6.7.2 for WordPress has script injection via td_ads[header] to admin-ajax.php. | |||||