Source: National Vulnerability Database

The Newspaper WordPress theme before 12 does not sanitise a parameter before outputting it back in an HTML attribute via an AJAX action, leading to a Reflected Cross-Site Scripting

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2167

88 hits since 2022-11-03

PHP Vulns Source Ratio: 16% (8190 total, 670 propagated, 4095 filtered)