3 matches found
CVE-2024-33640 WordPress Pretty Google Calendar plugin <= 1.7.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LBell Pretty Google Calendar allows Stored XSS.This issue affects Pretty Google Calendar: from n/a through 1.7.2...
CVE-2024-33640
CVE-2024-33640 is a stored XSS in the Pretty Google Calendar WordPress plugin (LBell Pretty Google Calendar) affecting versions up to 1.7.2. Root cause: improper neutralization of user input during web page generation, enabling stored cross-site scripting. Impact per CVSS: low confidentiality, in...
WordPress Pretty Google Calendar Plugin <= 1.7.2 is vulnerable to Cross Site Scripting (XSS)
Software Pretty Google Calendar Type Plugin Vulnerable versions = 1.7.2 Fixed in 2.0.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-33640 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID e6c5ddcc221c Credits LVT-tholv2k Required privilege...