4 matches found
CVE-2022-1474
The WP Event Manager WordPress plugin before 3.1.28 does not sanitise and escape its search before outputting it back in an attribute on the event dashboard, leading to a Reflected Cross-Site Scripting...
SCodeScanner - Stands For Source Code Scanner Where The User Can Scans The Source Code For Finding The Critical Vulnerabilities
SCodeScanner stands for Source Code scanner where the user can scans the source code for finding the Critical Vulnerabilities. The main objective for this scanner is to find the vulnerabilities inside the source code before code gets published in Prod. Features 1. Supported PHP Language 2...
CVE-2022-1474
The CVE-2022-1474 entry concerns the WordPress WP Event Manager plugin prior to version 3.1.28, where the search input shown in the event dashboard is not properly sanitized/escaped before being echoed in an attribute, allowing Reflected Cross-Site Scripting. Public records in connected documents...
CVE-2022-1474 WP Event Manager < 3.1.28 - Reflected Cross-Site Scripting
The WP Event Manager WordPress plugin before 3.1.28 does not sanitise and escape its search before outputting it back in an attribute on the event dashboard, leading to a Reflected Cross-Site Scripting...