Newspaper
by Geniusocean
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-15981 | Cri | 0.67 | 9.8 | 0.03 | Oct 31, 2017 | Responsive Newspaper Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin/admin_process.php for form editing. | ||
| CVE-2022-2627 | 0.02 | — | 0.01 | Oct 31, 2022 | The Newspaper WordPress theme before 12 does not sanitise a parameter before outputting it back in an HTML attribute via an AJAX action, leading to a Reflected Cross-Site Scripting. |
- risk 0.67cvss 9.8epss 0.03
Responsive Newspaper Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin/admin_process.php for form editing.
- CVE-2022-2627Oct 31, 2022risk 0.02cvss —epss 0.01
The Newspaper WordPress theme before 12 does not sanitise a parameter before outputting it back in an HTML attribute via an AJAX action, leading to a Reflected Cross-Site Scripting.