5 matches found
CVE-2022-2627
The Newspaper WordPress theme before 12 does not sanitise a parameter before outputting it back in an HTML attribute via an AJAX action, leading to a Reflected Cross-Site Scripting...
CVE-2022-2627
creationtimestamp| type| source ---|---|--- 2022-10-31 19:38:04+00:00| seen| https://t.me/cibsecurity/52294 2025-05-08 19:24:05+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/15587...
CVE-2022-2627 Newspaper < 12 - Reflected Cross-Site Scripting
The Newspaper WordPress theme before 12 does not sanitise a parameter before outputting it back in an HTML attribute via an AJAX action, leading to a Reflected Cross-Site Scripting...
CVE-2022-2627
CVE-2022-2627 affects the WordPress Newspaper theme prior to 12. The issue is a cross-site scripting flaw where a parameter is not sanitized before being output back in an HTML attribute via an AJAX action, enabling a reflected XSS. The Nuclei template notes that exploitation could allow an attac...
CVE-2022-2627 Newspaper < 12 - Reflected Cross-Site Scripting
The Newspaper WordPress theme before 12 does not sanitise a parameter before outputting it back in an HTML attribute via an AJAX action, leading to a Reflected Cross-Site Scripting...