2 matches found
CVE-2017-12068
The Event List plugin 0.7.9 for WordPress has XSS in the slug array parameter to wp-admin/admin.php in an eladmincategories deletebulk action...
CVE-2017-12068
The CVE concerns the WordPress Event List plugin version 0.7.9, which contains an XSS flaw in the slug array parameter to wp-admin/admin.php during the el_admin_categories delete_bulk action. This can lead to script execution in contexts that render the affected slug value. The connected document...