This vulnerability is in the Event Import page. It allows an attacker to inject arbitrary web script or HTML via the “error” parameter to wp-admin/edit.php.
Update the plugin.
CPE | Name | Operator | Version |
---|---|---|---|
modern tribe eventbrite tickets | le | 3.10.1 |