Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2 matches found

CVE
CVEadded 2023/10/21 7:33 a.m.48 views

CVE-2023-4635

CVE-2023-4635 concerns the EventON WordPress plugin. Public documentation confirms a Reflected Cross-Site Scripting (XSS) vulnerability in versions up to and including 2.2.2, caused by insufficient input sanitization and output escaping of the tab parameter. The exposed impact is unauthenticated ...

6.1CVSS6.2AI score0.01614EPSS
Exploits1References3Affected Software1
Patchstack
Patchstackadded 2023/10/21 12:0 a.m.15 views

WordPress EventON Plugin <= 2.2.2 is vulnerable to Cross Site Scripting (XSS)

Software EventON Type Plugin Vulnerable versions = 2.2.2 Fixed in 2.2.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-4635 Patch priority Medium CVSS severity Medium 6.1 Developer Claim ownership PSID 2a9d3b757474 Credits Shuning Xu Required privilege...

6.1CVSS6.5AI score0.01614EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder