CVE-2018-16164
CVE-2018-16164 is a stored cross-site scripting vulnerability in the WordPress plugin Event Calendar WD (Web-Dorado) for version 1.1.21 and earlier. The flaw allows a logged-in attacker to inject arbitrary scripts/HTML via unspecified vectors (CWE-79). Impact is an arbitrary script execution in a...