Security Advisory

CVE-2021-24304

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-08-09 10:04:04

Last updated 2024-08-03 19:28:23

Assigner WPScan

State PUBLISHED

Description

The Newsmag WordPress theme before 5.0 does not sanitise the td_block_id parameter in its td_ajax_block AJAX action, leading to an unauthenticated Reflected Cross-site Scripting (XSS) vulnerability.

← Browse all CVEs View on cve.org ↗