Lucene search
China National Vulnerability DatabaseCNVD-2023-06877HistoryJan 18, 2022 - 12:00 a.m.
WordPress EventCalendar plugin cross-site scripting vulnerability
2022-01-1800:00:00
China National Vulnerability Database
www.cnvd.org.cn
2
0.001 Low
EPSS
Percentile
40.3%
WordPress is the Wordpress Foundation’s suite of blogging platforms developed using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. cross-site scripting vulnerability exists in versions of WordPress EventCalendar plugin prior to 1.1.15, which stems from the plugin’s failure to escape certain user input before outputting it back to properties. An attacker could exploit this vulnerability to cause a reflection cross-site scripting issue.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress eventcalendar plugin | lt | 1.1.51 |
Related
patchstack
patchstack
cvelist
cvelist
CVE-2021-25024 Event Calendar < 1.1.51 - Reflected Cross-Site Scripting
2022-01-17 13:00:31
wpvulndb
wpvulndb
Event Calendar < 1.1.51 - Reflected Cross-Site Scripting
2021-12-20 00:00:00
wpexploit
wpexploit
Event Calendar < 1.1.51 - Reflected Cross-Site Scripting
2021-12-20 00:00:00
nvd
nvd
CVE-2021-25024
2022-01-17 13:15:07
cve
cve
CVE-2021-25024
2022-01-17 13:15:07
prion
prion
Cross site scripting
2022-01-17 13:15:00