442 matches found
EventPrime < 3.2.0 - Reflected XSS
Description The plugin does not sanitise and escape some parameters before outputting them back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. POC 1 - Visit any of the following pages created by the plugin: - Event Organize...
CVE-2023-35884
Unauth. Reflected Cross-Site Scripting XSS vulnerability in EventPrime plugin = 3.0.5 versions...
CVE-2023-35884
Unauth. Reflected Cross-Site Scripting XSS vulnerability in EventPrime plugin = 3.0.5 versions...
Cross site scripting
Unauth. Reflected Cross-Site Scripting XSS vulnerability in EventPrime plugin = 3.0.5 versions...
CVE-2023-35884 WordPress EventPrime Plugin <= 3.0.5 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting XSS vulnerability in EventPrime plugin = 3.0.5 versions...
CVE-2023-35884 WordPress EventPrime Plugin <= 3.0.5 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting XSS vulnerability in EventPrime plugin = 3.0.5 versions...
CVE-2023-35884
CVE-2023-35884 affects the WordPress EventPrime Plugin prior to v3.0.6. It is an unauthenticated, reflected XSS vulnerability in versions ≤ 3.0.5, where input is not properly sanitized/escaped. Impact is reflected XSS leading to potential script execution in victims’ browsers. Fix: upgrade to v3....
WordPress plugin EventPrime 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
PT-2023-25363 · Unknown · Eventprime
Name of the Vulnerable Software and Affected Versions: EventPrime plugin versions prior to 3.0.6 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This means that an attacker could potentially inject malicious scripts into a website, which would the...
EventPrime < 3.0.6 - Reflected Cross-Site Scripting
The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
WordPress EventPrime Plugin <= 3.0.5 is vulnerable to Cross Site Scripting (XSS)
Software EventPrime Type Plugin Vulnerable versions = 3.0.5 Fixed in 3.0.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-35884 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0d78f3844de4 Credits Le Ngoc Anh Required...
CVE-2023-33326
Unauth. Reflected XSS Cross-Site Scripting XSS vulnerability in EventPrime plugin = 2.8.6 versions...
CVE-2023-33326
Unauth. Reflected XSS Cross-Site Scripting XSS vulnerability in EventPrime plugin = 2.8.6 versions...
Cross site scripting
Unauth. Reflected XSS Cross-Site Scripting XSS vulnerability in EventPrime plugin = 2.8.6 versions...
CVE-2023-33326 WordPress EventPrime Plugin <= 2.8.6 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected XSS Cross-Site Scripting XSS vulnerability in EventPrime plugin = 2.8.6 versions...
CVE-2023-33326 WordPress EventPrime Plugin <= 2.8.6 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected XSS Cross-Site Scripting XSS vulnerability in EventPrime plugin = 2.8.6 versions...
CVE-2023-33326
CVE-2023-33326: Unauthenticated reflected XSS in WordPress EventPrime plugin ≤ 2.8.6. Affected: EventPrime (Modern Events Calendar, Bookings and Tickets) plugin. Root cause: reflected XSS in the plugin (details not fully disclosed in initial docs; multiple sources corroborate). Impact per PatchSt...
PT-2023-24295 · Unknown · Eventprime
Name of the Vulnerable Software and Affected Versions: EventPrime plugin versions = 2.8.6 Description: The issue is related to an Unauth. Reflected XSS Cross-Site Scripting XSS vulnerability. This means that an attacker can inject malicious scripts into a website, potentially allowing them to ste...
WordPress plugin EventPrime – Modern Events Calendar, Bookings and Tickets 2.8.6及 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
WordPress EventPrime Plugin <= 2.8.6 is vulnerable to Cross Site Scripting (XSS)
Software EventPrime Type Plugin Vulnerable versions = 2.8.6 Fixed in 3.0.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-33326 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 54de00d180dc Credits yuyudhn Required...