Lucene search
K

4 matches found

NVD
NVD
added 2024/01/22 8:15 p.m.28 views

CVE-2023-7170

The EventON-RSVP WordPress plugin before 2.9.5 does not sanitise and escape some parameters before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS6AI score0.0042EPSS
Exploits2References1
CVE
CVE
added 2024/01/22 7:14 p.m.46 views

CVE-2023-7170

Affected software: WordPress, EventON-RSVP plugin prior to 2.9.5. Vulnerability: Reflected Cross-Site Scripting caused by insufficient sanitisation/escaping of multiple parameters before output. Impact: could be used against high-privilege users such as admins (per CVE description). Root cause: l...

6.1CVSS6AI score0.0042EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/22 7:14 p.m.18 views

CVE-2023-7170 EventON-RSVP < 2.9.5 - Reflected XSS

The EventON-RSVP WordPress plugin before 2.9.5 does not sanitise and escape some parameters before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.2AI score0.0042EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/01/22 7:14 p.m.32 views

CVE-2023-7170 EventON-RSVP < 2.9.5 - Reflected XSS

The EventON-RSVP WordPress plugin before 2.9.5 does not sanitise and escape some parameters before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.2AI score0.0042EPSS
Exploits2References1
Rows per page
Query Builder