4 matches found
CVE-2024-7982
The Registrations for the Events Calendar WordPress plugin before 2.12.4 does not sanitise and escape some parameters when accepting event registrations, which could allow unauthenticated users to perform Cross-Site Scripting attacks...
CVE-2024-7982 Registrations for The Events Calendar < 2.12.4 - Unauthenticated Stored XSS
The Registrations for the Events Calendar WordPress plugin before 2.12.4 does not sanitise and escape some parameters when accepting event registrations, which could allow unauthenticated users to perform Cross-Site Scripting attacks...
CVE-2024-7982 Registrations for The Events Calendar < 2.12.4 - Unauthenticated Stored XSS
The Registrations for the Events Calendar WordPress plugin before 2.12.4 does not sanitise and escape some parameters when accepting event registrations, which could allow unauthenticated users to perform Cross-Site Scripting attacks...
WordPress Registrations for the Events Calendar Plugin < 2.12.4 is vulnerable to Cross Site Scripting (XSS)
Software Registrations for the Events Calendar Type Plugin Vulnerable versions 2.12.4 Fixed in 2.12.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-7982 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 576ddc99ad72...