3 matches found
CVE-2024-4180 The Events Calendar < 6.4.0.1 - Reflected XSS
The Events Calendar WordPress plugin before 6.4.0.1 does not properly sanitize user-submitted content when rendering some views via AJAX...
CVE-2024-4180
CVE-2024-4180 affects The Events Calendar WordPress plugin (versions before 6.4.0.1). The issue is an improper sanitization of user-submitted content when rendering certain AJAX views, which enables cross-site scripting (XSS) in the context of the affected site. Affected product and root cause ar...
WordPress The Events Calendar Plugin < 6.4.0.1 is vulnerable to Cross Site Scripting (XSS)
Software The Events Calendar Type Plugin Vulnerable versions 6.4.0.1 Fixed in 6.4.0.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4180 Patch priority Medium CVSS severity Medium 7.1 Developer Liquid Web / StellarWP PSID 9ded0dc115b9 Credits Marc...