Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 12:46 a.m.11 views

CVE-2022-4320

The WordPress Events Calendar WordPress plugin before 1.4.5 does not sanitize and escapes a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against both unauthenticated and authenticated users such as high-privilege ones like admin...

6.1CVSS6.2AI score0.00891EPSS
Exploits2References1
Circl
Circl
added 2025/04/04 6:36 p.m.11 views

CVE-2022-4320

creationtimestamp| type| source ---|---|--- 2025-04-04 18:36:20+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10524...

6.1CVSS6AI score0.00891EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/01/16 3:37 p.m.9 views

CVE-2022-4320 WordPress Events Calendar Plugin < 1.4.5 - Multiple Reflected XSS

The WordPress Events Calendar WordPress plugin before 1.4.5 does not sanitize and escapes a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against both unauthenticated and authenticated users such as high-privilege ones like admin...

6.3AI score0.00891EPSS
Exploits2References1
CVE
CVE
added 2023/01/16 3:37 p.m.85 views

CVE-2022-4320

CVE-2022-4320 affects the WordPress Events Calendar plugin prior to version 1.4.5. The issue is improper sanitization/escaping of a parameter, allowing Reflected XSS that can affect both unauthenticated and authenticated users (including admins). Proof-of-concept details and PoCs are available in...

6.1CVSS6.1AI score0.00891EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder