4 matches found
CVE-2023-7170
The EventON-RSVP WordPress plugin before 2.9.5 does not sanitise and escape some parameters before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2023-7170
Affected software: WordPress, EventON-RSVP plugin prior to 2.9.5. Vulnerability: Reflected Cross-Site Scripting caused by insufficient sanitisation/escaping of multiple parameters before output. Impact: could be used against high-privilege users such as admins (per CVE description). Root cause: l...
CVE-2023-7170 EventON-RSVP < 2.9.5 - Reflected XSS
The EventON-RSVP WordPress plugin before 2.9.5 does not sanitise and escape some parameters before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2023-7170 EventON-RSVP < 2.9.5 - Reflected XSS
The EventON-RSVP WordPress plugin before 2.9.5 does not sanitise and escape some parameters before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...