3 matches found
CVE-2023-23979
Unauth. Stored Cross-Site Scripting XSS vulnerability in Fullworks Quick Event Manager plugin = 9.7.4 versions...
CVE-2023-23979 WordPress Quick Event Manager Plugin <= 9.7.4 is vulnerable to Cross Site Scripting (XSS)
Unauth. Stored Cross-Site Scripting XSS vulnerability in Fullworks Quick Event Manager plugin = 9.7.4 versions...
CVE-2023-23979
The CVE-2023-23979 entry concerns the WordPress Quick Event Manager plugin (Fullworks) with an unauthenticated Stored Cross-Site Scripting (XSS) vulnerability affecting versions prior to 9.7.5. The issue is tied to improper handling of input (e.g., the "yourname" parameter) leading to XSS. No exp...