Lucene search
K

19 matches found

Patchstack
Patchstack
added 2021/12/20 12:0 a.m.14 views

WordPress Event Calendar WD plugin <= 1.1.50 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Krzysztof Zając in WordPress Event Calendar WD plugin versions = 1.1.50. Solution Update the WordPress Event Calendar WD plugin to the latest available version at least 1.1.51...

6.1CVSS2.1AI score0.0081EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2021/12/15 12:0 a.m.16 views

WordPress Event Calendar WD plugin <= 1.1.50 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability discovered by Krzysztof Zając in WordPress Event Calendar WD plugin versions = 1.1.50. Solution Update the WordPress Event Calendar WD plugin to the latest available version at least 1.1.51...

4.3CVSS3.2AI score0.00347EPSS
Exploits2References3Affected Software1
WPVulnDB
WPVulnDB
added 2021/06/25 12:0 a.m.12 views

Event Calendar WD < 1.1.46 - Cross-Site Scripting (XSS)

The plugin was affected by a Cross-Site Scripting issue...

1.8AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2021/05/31 12:0 a.m.16 views

WordPress Event Calendar WD plugin <= 1.1.44 - Cross-Site Scripting (XSS) vulnerability

Cross-Site Scripting XSS vulnerability discovered in WordPress Event Calendar WD plugin versions = 1.1.44. Solution Update the WordPress Event Calendar WD plugin to the latest available version at least 1.1.45...

1.9AI score
Exploits0References2Affected Software1
OSV
OSV
added 2019/01/09 11:29 p.m.2 views

CVE-2018-16164

Cross-site scripting vulnerability in Event Calendar WD version 1.1.21 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors...

5.4CVSS5.9AI score0.01204EPSS
Exploits0References4
NVD
NVD
added 2019/01/09 11:29 p.m.17 views

CVE-2018-16164

Cross-site scripting vulnerability in Event Calendar WD version 1.1.21 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors...

5.4CVSS5.1AI score0.01204EPSS
Exploits0References4
Prion
Prion
added 2019/01/09 11:29 p.m.14 views

Cross site scripting

Cross-site scripting vulnerability in Event Calendar WD version 1.1.21 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors...

3.5CVSS5AI score0.01204EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2019/01/09 10:0 p.m.21 views

CVE-2018-16164

Cross-site scripting vulnerability in Event Calendar WD version 1.1.21 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors...

5.1AI score0.01204EPSS
Exploits0References4
CVE
CVE
added 2019/01/09 10:0 p.m.38 views

CVE-2018-16164

CVE-2018-16164 is a stored cross-site scripting vulnerability in the WordPress plugin Event Calendar WD (Web-Dorado) for version 1.1.21 and earlier. The flaw allows a logged-in attacker to inject arbitrary scripts/HTML via unspecified vectors (CWE-79). Impact is an arbitrary script execution in a...

5.4CVSS5AI score0.01204EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2018/11/06 12:0 a.m.3 views

WordPress Plugin Event Calendar WD Cross-Site Scripting Vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress plugin Event Calendar WD, which could allow an attacker to execu...

5.4CVSS5.4AI score0.01204EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2018/11/02 12:0 a.m.553 views

JVN#75738023: WordPress plugin "Event Calendar WD" vulnerable to cross-site scripting

The WordPress plugin "Event Calendar WD" provided by Web-Dorado contains a stored cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on a logged-in user's web browser. Solution Update the plugin Update the plugin according to the information provided by the...

5.4CVSS5.3AI score0.01204EPSS
Exploits0
WPVulnDB
WPVulnDB
added 2018/11/02 12:0 a.m.17 views

Event Calendar WD <= 1.1.21 - Cross-Site Scripting (XSS)

The Event Calendar WD – Responsive Event Calendar plugin WordPress plugin was affected by a Cross-Site Scripting XSS security vulnerability...

3.5CVSS1.4AI score0.01204EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2017/07/07 1:29 p.m.18 views

Cross site scripting

Cross-site scripting vulnerability in Event Calendar WD prior to version 1.0.94 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.01466EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2017/07/07 1:29 p.m.21 views

CVE-2017-2224

Cross-site scripting vulnerability in Event Calendar WD prior to version 1.0.94 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS6.1AI score0.01466EPSS
Exploits0References5
CVE
CVE
added 2017/07/07 1:0 p.m.53 views

CVE-2017-2224

The CVE-2017-2224 vulnerability affects the WordPress plugin Event Calendar WD (Web-Dorado). It is a cross-site scripting (XSS) flaw in versions prior to 1.0.94 (notably

6.1CVSS6AI score0.01466EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2017/07/07 1:0 p.m.26 views

CVE-2017-2224

Cross-site scripting vulnerability in Event Calendar WD prior to version 1.0.94 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1AI score0.01466EPSS
Exploits0References5
CNVD
CNVD
added 2017/06/21 12:0 a.m.4 views

WordPress Event Calendar WD Plugin Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.Event Calendar WD is one of the calendar plugin. A cross-site scripting vulnerability exists in versions of the...

6.1CVSS6.5AI score0.01466EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/06/20 12:0 a.m.37 views

JVN#73550134: WordPress plugin "Event Calendar WD" vulnerable to cross-site scripting

The WordPress plugin "Event Calendar WD" provided by Web-Dorado contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the logged in user's web browser. Solution Update the plugin Update the plugin according to the information provided by the developer...

6.1CVSS6AI score0.01466EPSS
Exploits0
WPVulnDB
WPVulnDB
added 2017/06/06 12:0 a.m.16 views

Event Calendar WD <= 1.0.93 - Authenticated Cross-Site Scripting (XSS)

The Event Calendar WD – Responsive Event Calendar plugin WordPress plugin was affected by an Authenticated Cross-Site Scripting XSS security vulnerability...

4.3CVSS1.8AI score0.01466EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder