Threat Entry Updated 2025-05-08

CVE-2022-2627 - Before 12 Does Not Sanitise A Parameter Theme

The Newspaper WordPress theme before 12 does not sanitise a parameter before outputting it back in an HTML attribute via an AJAX action, leading to a Reflected Cross-Site Scripting.

THEME Before 12 Does Not Sanitise A Parameter

CVE-2022-2627

MEDIUM CVSS 6.1 2022-10-31

Risk Score

Open Full Technical Breakdown

Threat Entry Updated 2025-05-07

CVE-2022-2167 - Before 12 Does Not Sanitise A Parameter Theme

The Newspaper WordPress theme before 12 does not sanitise a parameter before outputting it back in an HTML attribute via an AJAX action, leading to a Reflected Cross-Site Scripting

THEME Before 12 Does Not Sanitise A Parameter

CVE-2022-2167

MEDIUM CVSS 6.1 2022-10-31

Risk Score

Open Full Technical Breakdown