WordPress Venture Event Manager plugin <= 3.2.4 - Reflected Cross-Site Scripting (XSS) vulnerability

2021-08-0900:00:00

WPScanTeam

patchstack.com

wordpress

venture event manager

xss

vulnerability

update

Reflected Cross-Site Scripting (XSS) vulnerability discovered by iohex and WPScanTeam in WordPress Venture Event Manager plugin (versions <= 3.2.4).

Solution

           Update the WordPress Venture Event Manager plugin to the latest available version (at least 3.2.5).

wordpress.org/plugins/venture-event-manager/#developers

wpscan.com/vulnerability/a88ffc42-6611-406e-8660-3af24c9cc5e8