2 matches found
CVE-2022-0600
CVE-2022-0600 affects the WordPress Conference Scheduler plugin prior to version 2.4.3. The issue arises from not sanitizing and escaping the tab parameter before outputting it on an admin page, causing a Reflected Cross-Site Scripting (XSS) vulnerability. Public advisories in connected sources c...
CVE-2022-0600 Conference Scheduler < 2.4.3 - Reflected Cross-Site Scripting
The Conference Scheduler WordPress plugin before 2.4.3 does not sanitize and escape the tab parameter before outputting back in an admin page, leading to a Reflected Cross-Site Scripting...