277 matches found
VulnCheck KEV: CVE-2022-3477
The tagDiv Composer WordPress plugin before 3.5, required by the Newspaper WordPress theme before 12.1 and Newsmag WordPress theme before 5.2.2, does not properly implement the Facebook login feature, allowing unauthenticated attackers to login as any user by just knowing their email address...
WordPress tagDiv Composer plugin < 3.5 - Unauthenticated Account Takeover vulnerability
Unauthenticated Account Takeover vulnerability discovered by Truoc Phan Techlab Corporation in WordPress tagDiv Composer plugin versions 3.5. Solution Update the WordPress tagDiv Composer plugin to the latest available version at least 3.5...
tagDiv Composer < 3.5 - Unauthenticated Account Takeover
Description The plugin, required by the themes, does not properly implement the Facebook login feature, allowing unauthenticated attackers to login as any user by just knowing their email address Run the below command in the developer console of the web browser while being on the blog as an...
WordPress Cross-Site Scripting Vulnerability (CNVD-2021-53935)
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports the hosting of personal blog sites on PHP and MySQL servers. tagDiv Newspaper theme version 10.3.9.1 of WordPress has a cross-site scripting vulnerability that...
CVE-2021-3135
An issue was discovered in the tagDiv Newspaper theme 10.3.9.1 for WordPress. It allows XSS via the wp-admin/admin-ajax.php tdblockid parameter in a tdajaxblock API call...
CVE-2021-3135
An issue was discovered in the tagDiv Newspaper theme 10.3.9.1 for WordPress. It allows XSS via the wp-admin/admin-ajax.php tdblockid parameter in a tdajaxblock API call...
Design/Logic Flaw
An issue was discovered in the tagDiv Newspaper theme 10.3.9.1 for WordPress. It allows XSS via the wp-admin/admin-ajax.php tdblockid parameter in a tdajaxblock API call...
CVE-2021-3135
The CVE-2021-3135 entry relates to the WordPress tagDiv Newspaper theme (version 10.3.9.1). The vulnerability is an XSS flaw exploitable via the wp-admin/admin-ajax.php td_block_id parameter in a td_ajax_block API call. Public documents consistently describe it as a cross-site scripting issue aff...
WordPress 跨站脚本漏洞
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports the hosting of personal blog sites on PHP and MySQL servers. tagDiv Newspaper theme version 10.3.9.1 of WordPress has a cross-site scripting vulnerability that...
ageliesergasias.gr XSS vulnerability
Open Bug Bounty ID: OBB-654798 Description| Value ---|--- Affected Website:| ageliesergasias.gr Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| newspaper theme by tagdiv 8.1.1 Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3...
enggwave.com XSS vulnerability
Open Bug Bounty ID: OBB-652984 Description| Value ---|--- Affected Website:| enggwave.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| newspaper theme by tagdiv 8.1.1 Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6....
duta.co XSS vulnerability
Open Bug Bounty ID: OBB-577388 Description| Value ---|--- Affected Website:| duta.co Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| newspaper theme from tagdiv Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
sneakerbardetroit.com XSS vulnerability
Open Bug Bounty ID: OBB-554092 Description| Value ---|--- Affected Website:| sneakerbardetroit.com Vulnerable Application:| newspaper theme from tagdiv Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Disclosure Standard:|...
magazeta.com XSS vulnerability
Open Bug Bounty ID: OBB-552785 Description| Value ---|--- Affected Website:| magazeta.com Vulnerable Application:| newspaper theme from tagdiv Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Disclosure Standard:| Coordinated...
nasiloluyo.com XSS vulnerability
Open Bug Bounty ID: OBB-552742 Description| Value ---|--- Affected Website:| nasiloluyo.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| newsmag theme from tagdiv Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
thestyledivision.com XSS vulnerability
Open Bug Bounty ID: OBB-552737 Description| Value ---|--- Affected Website:| thestyledivision.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| newsmag theme from tagdiv Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:|...
tagdiv.com XSS vulnerability
Vulnerable URL: http://tagdiv.com/wp-admin/admin-ajax.php?tdthemename=Newspaper=8.1 Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 20881 VIP website status:| Yes Coordinated Disclosure Timeline: Description| Val...