VYPR

15Zine

by WordPress

CVEs (1)

  • CVE-2020-36510MedFeb 28, 2022
    risk 0.40cvss 6.1epss 0.03

    The 15Zine WordPress theme before 3.3.0 does not sanitise and escape the cbi parameter before outputing it back in the response via the cb_s_a AJAX action, leading to a Reflected Cross-Site Scripting