Lucene search
K

4 matches found

NVD
NVD
added 2024/11/08 6:15 a.m.13 views

CVE-2024-7982

The Registrations for the Events Calendar WordPress plugin before 2.12.4 does not sanitise and escape some parameters when accepting event registrations, which could allow unauthenticated users to perform Cross-Site Scripting attacks...

9.6CVSS0.00665EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/11/08 6:0 a.m.16 views

CVE-2024-7982 Registrations for The Events Calendar < 2.12.4 - Unauthenticated Stored XSS

The Registrations for the Events Calendar WordPress plugin before 2.12.4 does not sanitise and escape some parameters when accepting event registrations, which could allow unauthenticated users to perform Cross-Site Scripting attacks...

0.00665EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/11/08 6:0 a.m.11 views

CVE-2024-7982 Registrations for The Events Calendar < 2.12.4 - Unauthenticated Stored XSS

The Registrations for the Events Calendar WordPress plugin before 2.12.4 does not sanitise and escape some parameters when accepting event registrations, which could allow unauthenticated users to perform Cross-Site Scripting attacks...

8.7AI score0.00665EPSS
Exploits1References1
Patchstack
Patchstack
added 2024/11/08 12:0 a.m.13 views

WordPress Registrations for the Events Calendar Plugin < 2.12.4 is vulnerable to Cross Site Scripting (XSS)

Software Registrations for the Events Calendar Type Plugin Vulnerable versions 2.12.4 Fixed in 2.12.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-7982 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 576ddc99ad72...

9.6CVSS5.7AI score0.00665EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder