87 matches found
WordPress Registrations for the Events Calendar plugin SQL injection vulnerability
WordPress is the Wordpress Foundation's suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL.The WordPress Registrations for the Events Calendar plugin had a SQL injection vulnerability prior to...
PT-2021-16349
Name of the Vulnerable Software and Affected Versions: The Registrations for the Events Calendar WordPress plugin versions prior to 2.7.5 Description: The issue concerns a Reflected Cross-Site Scripting problem. It arises because the v parameter is not properly escaped before being outputted back...
WordPress The Events Calendar Plugin < 4.8.2 XSS Vulnerability
The WordPress plugin Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the...
CVE-2019-15109
The the-events-calendar plugin before 4.8.2 for WordPress has XSS via the tribepaged URL parameter...
CVE-2018-5315
The Wachipi WP Events Calendar plugin 1.0 for WordPress has SQL Injection via the eventid parameter to event.php...
WordPress Wichipi Events Calendar Plugin SQL Injection Vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.Wachipi WP Events Calendar plugin is used in one of the task calendar plugin. A SQL injection vulnerability exists...
WordPress The Events Calendar Plugin <= 3.0 - Reflected Cross Site Scripting
Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Solution Update the plugin...