Lucene search
+L

277 matches found

vulncheck_kev
vulncheck_kev
added 2022/10/24 12:0 a.m.1 views

VulnCheck KEV: CVE-2022-3477

The tagDiv Composer WordPress plugin before 3.5, required by the Newspaper WordPress theme before 12.1 and Newsmag WordPress theme before 5.2.2, does not properly implement the Facebook login feature, allowing unauthenticated attackers to login as any user by just knowing their email address...

9.8CVSS7.3AI score0.03546EPSS
Exploits2References1
patchstack
patchstack
added 2022/10/24 12:0 a.m.27 views

WordPress tagDiv Composer plugin < 3.5 - Unauthenticated Account Takeover vulnerability

Unauthenticated Account Takeover vulnerability discovered by Truoc Phan Techlab Corporation in WordPress tagDiv Composer plugin versions 3.5. Solution Update the WordPress tagDiv Composer plugin to the latest available version at least 3.5...

9.8CVSS3.2AI score0.03546EPSS
Exploits2References1Affected Software1
wpexploit
wpexploit
added 2022/10/24 12:0 a.m.616 views

tagDiv Composer < 3.5 - Unauthenticated Account Takeover

Description The plugin, required by the themes, does not properly implement the Facebook login feature, allowing unauthenticated attackers to login as any user by just knowing their email address Run the below command in the developer console of the web browser while being on the blog as an...

9.8CVSS9.7AI score0.03546EPSS
Exploits2
cnvd
cnvd
added 2021/07/21 12:0 a.m.18 views

WordPress Cross-Site Scripting Vulnerability (CNVD-2021-53935)

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports the hosting of personal blog sites on PHP and MySQL servers. tagDiv Newspaper theme version 10.3.9.1 of WordPress has a cross-site scripting vulnerability that...

6.1CVSS0.6AI score0.00828EPSS
Exploits1References1
osv
osv
added 2021/07/19 9:15 p.m.4 views

CVE-2021-3135

An issue was discovered in the tagDiv Newspaper theme 10.3.9.1 for WordPress. It allows XSS via the wp-admin/admin-ajax.php tdblockid parameter in a tdajaxblock API call...

6.1CVSS5.8AI score0.00828EPSS
Exploits1References2
attackerkb
attackerkb
added 2021/07/19 9:15 p.m.3 views

CVE-2021-3135

An issue was discovered in the tagDiv Newspaper theme 10.3.9.1 for WordPress. It allows XSS via the wp-admin/admin-ajax.php tdblockid parameter in a tdajaxblock API call...

6.1CVSS6.4AI score0.00828EPSS
Exploits1References3
prion
prion
added 2021/07/19 9:15 p.m.26 views

Design/Logic Flaw

An issue was discovered in the tagDiv Newspaper theme 10.3.9.1 for WordPress. It allows XSS via the wp-admin/admin-ajax.php tdblockid parameter in a tdajaxblock API call...

4.3CVSS5.9AI score0.00828EPSS
Exploits1References2Affected Software1
cve
cve
added 2021/07/19 8:1 p.m.86 views

CVE-2021-3135

The CVE-2021-3135 entry relates to the WordPress tagDiv Newspaper theme (version 10.3.9.1). The vulnerability is an XSS flaw exploitable via the wp-admin/admin-ajax.php td_block_id parameter in a td_ajax_block API call. Public documents consistently describe it as a cross-site scripting issue aff...

6.1CVSS5.9AI score0.00828EPSS
Exploits1References2Affected Software1
cnnvd
cnnvd
added 2021/07/19 12:0 a.m.4 views

WordPress 跨站脚本漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports the hosting of personal blog sites on PHP and MySQL servers. tagDiv Newspaper theme version 10.3.9.1 of WordPress has a cross-site scripting vulnerability that...

6.1CVSS5.2AI score0.00828EPSS
Exploits1References2
openbugbounty
openbugbounty
added 2018/07/28 2:42 a.m.12 views

ageliesergasias.gr XSS vulnerability

Open Bug Bounty ID: OBB-654798 Description| Value ---|--- Affected Website:| ageliesergasias.gr Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| newspaper theme by tagdiv 8.1.1 Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3...

Exploits0
openbugbounty
openbugbounty
added 2018/07/23 2:24 p.m.30 views

enggwave.com XSS vulnerability

Open Bug Bounty ID: OBB-652984 Description| Value ---|--- Affected Website:| enggwave.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| newspaper theme by tagdiv 8.1.1 Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6....

Exploits0
openbugbounty
openbugbounty
added 2018/03/09 4:12 p.m.22 views

duta.co XSS vulnerability

Open Bug Bounty ID: OBB-577388 Description| Value ---|--- Affected Website:| duta.co Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| newspaper theme from tagdiv Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6AI score
Exploits0
openbugbounty
openbugbounty
added 2018/02/06 3:29 p.m.9 views

sneakerbardetroit.com XSS vulnerability

Open Bug Bounty ID: OBB-554092 Description| Value ---|--- Affected Website:| sneakerbardetroit.com Vulnerable Application:| newspaper theme from tagdiv Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Disclosure Standard:|...

6.2AI score
Exploits0
openbugbounty
openbugbounty
added 2018/02/04 2:36 p.m.11 views

magazeta.com XSS vulnerability

Open Bug Bounty ID: OBB-552785 Description| Value ---|--- Affected Website:| magazeta.com Vulnerable Application:| newspaper theme from tagdiv Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Disclosure Standard:| Coordinated...

6.2AI score
Exploits0
openbugbounty
openbugbounty
added 2018/02/04 1:37 p.m.17 views

nasiloluyo.com XSS vulnerability

Open Bug Bounty ID: OBB-552742 Description| Value ---|--- Affected Website:| nasiloluyo.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| newsmag theme from tagdiv Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.1AI score
Exploits0
openbugbounty
openbugbounty
added 2018/02/04 1:12 p.m.11 views

thestyledivision.com XSS vulnerability

Open Bug Bounty ID: OBB-552737 Description| Value ---|--- Affected Website:| thestyledivision.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| newsmag theme from tagdiv Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:|...

6.1AI score
Exploits0
openbugbounty
openbugbounty
added 2017/08/17 7:12 p.m.15 views

tagdiv.com XSS vulnerability

Vulnerable URL: http://tagdiv.com/wp-admin/admin-ajax.php?tdthemename=Newspaper=8.1 Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 20881 VIP website status:| Yes Coordinated Disclosure Timeline: Description| Val...

6.3AI score
Exploits0
Rows per page
Query Builder