Lucene search

Tagdiv Security Vulnerabilities

cve

CVE-2023-39166

Cross-Site Request Forgery (CSRF) vulnerability in tagDiv tagDiv Composer allows Cross-Site Scripting (XSS).This issue affects tagDiv Composer: from n/a before...

6.1CVSS

7.1AI Score

0.0005EPSS

2023-11-13 05:15 PM

cve

CVE-2022-3477

The tagDiv Composer WordPress plugin before 3.5, required by the Newspaper WordPress theme before 12.1 and Newsmag WordPress theme before 5.2.2, does not properly implement the Facebook login feature, allowing unauthenticated attackers to login as any user by just knowing their email...

9.8CVSS

9.5AI Score

0.004EPSS

2022-11-14 03:15 PM

cve

CVE-2021-3135

An issue was discovered in the tagDiv Newspaper theme 10.3.9.1 for WordPress. It allows XSS via the wp-admin/admin-ajax.php td_block_id parameter in a td_ajax_block API...

6.1CVSS

5.9AI Score

0.001EPSS

2021-07-19 09:15 PM

cve

CVE-2016-10972

The newspaper theme before 6.7.2 for WordPress has a lack of options access control via...

9.8CVSS

9.5AI Score

0.336EPSS

2019-09-16 05:15 PM

In Wild

cve

CVE-2017-18634

The newspaper theme before 6.7.2 for WordPress has script injection via td_ads[header] to...

9.8CVSS

7.2AI Score

0.008EPSS

2019-09-16 12:15 PM