2 matches found
CVE-2024-0233
The CVE-2024-0233 entry concerns the WordPress EventON plugin. Concrete details in connected documents show a reflected Cross-Site Scripting (XSS) vulnerability caused by improper sanitisation/escaping of a parameter before it is output in pages, affecting multiple plugin branches: EventON Lite v...
CVE-2024-0233 EventON (Free < 2.2.8, Premium < 4.5.5) - Reflected XSS
The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not properly sanitise and escape a parameter before outputting it back in pages, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...