The Events Calendar < 6.4.0.1 - Cross-site Scripting

The Events Calendar WordPress plugin 6.4.0.1 contains a stored XSS caused by improper sanitization of user-submitted content when rendering views via AJAX, letting attackers execute scripts in the context of the affected site. Exploitation requires user interaction. id: CVE-2024-4180 info: name:...

WordPress plugin Events Calendar security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability in the WordPress...

PT-2024-17821 · WordPress · The Events Calendar

Name of the Vulnerable Software and Affected Versions: The Events Calendar WordPress plugin versions prior to 6.4.0.1 The Events Calendar Pro WordPress plugin versions prior to 6.4.0.1 Description: The issue allows users with at least the contributor role to leak details about events they should...

WordPress The Events Calendar plugin < 6.4.0.1 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by Marc Montpas in WordPress Plugin The Events Calendar versions 6.4.0.1...

SonicWall Pro DoS?

Came across an apparent problem on a SonicWall Pro running firmware version 6.4.0.1 ROM version 5.0.1.0 during a vulnerability assessment and couldn't find any other postings on this problem so fwiw.. the problem occurs when sending a large HTTP POST to the inside interface - may affect others ju...