CVE-2021-3135 — CVSS 6.1 (medium): An issue was discovered in the tagDiv Newspaper theme 10.3.9.1 for WordPress. It allows XSS via the wp-admin/admin-ajax.php td_block_id…
CVE-2022-2167 — CVSS 6.1 (medium): The Newspaper WordPress theme before 12 does not sanitise a parameter before outputting it back in an HTML attribute via an AJAX action…
CVE-2022-2627 — CVSS 6.1 (medium): The Newspaper WordPress theme before 12 does not sanitise a parameter before outputting it back in an HTML attribute via an AJAX action…
CVE-2024-3815 — CVSS 5.5 (medium): The Newspaper theme for WordPress is vulnerable to Stored Cross-Site Scripting via attachment meta in the archive page in all versions up…