4 matches found
CVE-2021-24724
The Timetable and Event Schedule by MotoPress WordPress plugin before 2.3.19 does not sanitise some of its parameters, which could allow low privilege users such as author to perform XSS attacks against frontend and backend users when viewing the related event/s...
CVE-2021-24724
The Timetable and Event Schedule by MotoPress WordPress plugin before 2.3.19 does not sanitise some of its parameters, which could allow low privilege users such as author to perform XSS attacks against frontend and backend users when viewing the related event/s...
CVE-2021-24724 Timetable and Event Schedule by MotoPress < 2.3.19 - Author+ Stored Cross-Site Scripting
The Timetable and Event Schedule by MotoPress WordPress plugin before 2.3.19 does not sanitise some of its parameters, which could allow low privilege users such as author to perform XSS attacks against frontend and backend users when viewing the related event/s...
CVE-2021-24724
CVE-2021-24724 affects the WordPress plugin “Timetable and Event Schedule by MotoPress” (versions before 2.3.19). The vulnerability is a stored XSS due to unsanitized parameters, allowing low-privilege users (e.g., authors) to execute scripts against frontend and backend users when viewing relate...