Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 9:5 p.m.12 views

CVE-2021-24147

Unvalidated input and lack of output encoding in the Modern Events Calendar Lite WordPress plugin, versions before 5.16.5, did not sanitise the miccomment field Notes on time when adding/editing an event, allowing users with privilege as low as author to add events with a Cross-Site Scripting...

5.4CVSS6.3AI score0.00748EPSS
Exploits2References1
Circl
Circl
added 2023/11/09 3:39 p.m.7 views

CVE-2021-24147

creationtimestamp| type| source ---|---|--- 2023-11-09 15:39:01+00:00| seen| https://t.me/arpsyndicate/35...

5.4CVSS5.5AI score0.00748EPSS
Exploits2References1
NVD
NVD
added 2021/03/18 3:15 p.m.16 views

CVE-2021-24147

Unvalidated input and lack of output encoding in the Modern Events Calendar Lite WordPress plugin, versions before 5.16.5, did not sanitise the miccomment field Notes on time when adding/editing an event, allowing users with privilege as low as author to add events with a Cross-Site Scripting...

5.4CVSS0.00748EPSS
Exploits2References1
OSV
OSV
added 2021/03/18 3:15 p.m.18 views

CVE-2021-24147

Unvalidated input and lack of output encoding in the Modern Events Calendar Lite WordPress plugin, versions before 5.16.5, did not sanitise the miccomment field Notes on time when adding/editing an event, allowing users with privilege as low as author to add events with a Cross-Site Scripting...

5.4CVSS6.3AI score
Exploits0References1
CVE
CVE
added 2021/03/18 2:57 p.m.55 views

CVE-2021-24147

The CVE-2021-24147 entry concerns the WordPress plugin Modern Events Calendar Lite (pre-5.16.5). Affected component: mic_comment field in event creation/editing; root cause is unvalidated input and lack of output encoding, enabling Cross-Site Scripting when events are viewed. Impact is since low-...

5.4CVSS5.3AI score0.00748EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder