Lucene search
K

4 matches found

Patchstack
Patchstack
added 2024/01/31 12:0 a.m.18 views

WordPress EventON Pro Plugin < 4.4.1 is vulnerable to Cross Site Scripting (XSS)

Software EventON Pro Type Plugin Vulnerable versions 4.4.1 Fixed in 4.4.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-7200 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f88412538f0b Credits kauenavarro Required...

6.1CVSS5.6AI score0.00426EPSS
Exploits2References2Affected Software1
CVE
CVE
added 2024/01/29 2:44 p.m.58 views

CVE-2023-7200

CVE-2023-7200 : EventON WordPress plugin (EventON Pro) prior to 4.4.1 is vulnerable to reflected XSS due to improper sanitisation/escaping of a parameter before output. Impacted versions:

6.1CVSS6AI score0.00426EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2024/01/29 2:44 p.m.32 views

CVE-2023-7200 EventON < 4.4.1 - Reflected Cross-Site Scripting

The EventON WordPress plugin before 4.4.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.2AI score0.00426EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2024/01/29 2:44 p.m.6 views

CVE-2023-7200 EventON < 4.4.1 - Reflected Cross-Site Scripting

The EventON WordPress plugin before 4.4.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6AI score0.00426EPSS
Exploits2References1
Rows per page
Query Builder