WeeklyNews Premium Theme <= 2.2 - Cross-Site Scripting (XSS)
Vendor confirmed fixed in as 2.2.9 although this issue was not mentioned in the changelog.
|Proof of Concept||
fixed in version 2.2.9
|OWASP Top 10||A3: Cross-Site Scripting (XSS)|
|Publicly Published||2015-05-03 (about 4 years ago)|
|Added||2015-05-04 (about 4 years ago)|
|Last Updated||2015-12-20 (over 3 years ago)|