Cross site scripting

2023-12-1418:15:00

PRIOn knowledge base

www.prio-n.com

cross-site scripting

input neutralization

web page generation

simple calendar plugin

google calendar plugin

stored xss

vulnerability

6.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

14.2%

JSON

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Simple Calendar Simple Calendar – Google Calendar Plugin allows Stored XSS.This issue affects Simple Calendar – Google Calendar Plugin: from n/a through 3.2.6.

CPENameOperatorVersion
simple_calendarlt3.2.8

CPE	Name	Operator	Version
	simple_calendar	lt	3.2.8

References

patchstack.com/database/vulnerability/google-calendar-events/wordpress-google-calendar-events-plugin-3-2-6-cross-site-scripting-xss-vulnerability?_s_id=cve