CVE-2013-7479
The events-manager plugin for WordPress (pre-5.3.9) contains an XSS flaw in the search form field. Affected versions are prior to 5.3.9; exploitation could enable client-side code execution via the search input. Root cause: unescaped input in the search field leading to script injection. Mitigati...