WordPress Newspaper Theme <= 12.6.5 is vulnerable to Cross Site Scripting (XSS)

Software Newspaper Type Theme Vulnerable versions = 12.6.5 Fixed in 12.6.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3815 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 7fb86a187abf Credits István Márton Required...

VulnCheck KEV: CVE-2016-10972

The newspaper theme before 6.7.2 for WordPress has a lack of options access control via tdajaxupdatepanel...