Lucene search
WPScanCVELIST:CVE-2021-24810HistoryMar 07, 2022 - 8:16 a.m.
CVE-2021-24810 WP Event Manager < 3.1.23 - Admin+ Stored Cross-Site Scripting
2022-03-0708:16:00
CWE-79
WPScan
www.cve.org
0.001 Low
EPSS
Percentile
25.0%
The WP Event Manager WordPress plugin before 3.1.23 does not escape some of its Field Editor settings when outputting them, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
CNA Affected
[
{
"product": "WP Event Manager – Easily Build your Calendar of Events!",
"vendor": "Unknown",
"versions": [
{
"lessThan": "3.1.23",
"status": "affected",
"version": "3.1.23",
"versionType": "custom"
}
]
}
]Related
cnvd
cnvd
WordPress WP Event Manager Cross-Site Scripting Vulnerability
2022-03-09 00:00:00
prion
prion
Cross site scripting
2022-03-07 09:15:00
wpexploit
wpexploit
WP Event Manager < 3.1.23 - Admin+ Stored Cross-Site Scripting
2022-02-14 00:00:00
cve
cve
CVE-2021-24810
2022-03-07 09:15:07
wpvulndb
wpvulndb
WP Event Manager < 3.1.23 - Admin+ Stored Cross-Site Scripting
2022-02-14 00:00:00
nvd
nvd
CVE-2021-24810
2022-03-07 09:15:07