Lucene search
China National Vulnerability DatabaseCNVD-2022-19830HistoryJan 26, 2022 - 12:00 a.m.
WordPress The Registrations for the Events Calendar plugin cross-site scripting vulnerability
2022-01-2600:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
0.001 Low
EPSS
Percentile
30.2%
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports the hosting of personal blogging sites on PHP and MySQL servers. cross-site scripting vulnerability exists in versions of the WordPress plugin The Registrations for the Events Calendar prior to 2.7.10, which stems from the fact that The Registrations for the Events Calendar plugin does not escape the qtype parameter until it is exported back to the properties of the settings page. An attacker could exploit this vulnerability to execute JavaScript code on the client side.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress the registrations for the events calendar plugin | lt | 2.7.10 |
Related
prion
prion
Cross site scripting
2022-01-24 08:15:00
nvd
nvd
CVE-2021-25083
2022-01-24 08:15:09
cvelist
cvelist
wpvulndb
wpvulndb
cve
cve
CVE-2021-25083
2022-01-24 08:15:09
patchstack
patchstack
wpexploit
wpexploit