Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-11392

Malware in sbrugna...

4.8CVSS5.1AI score0.00613EPSS
Exploits2References2
RedhatCVE
RedhatCVE
added 2025/05/22 7:22 p.m.6 views

CVE-2021-24480

The Event Geek WordPress plugin through 2.5.2 does not sanitise or escape its "Use your own " setting before outputting it in the page, leading to an authenticated admin+ stored Cross-Site Scripting issue...

4.8CVSS5.8AI score0.00613EPSS
Exploits2References1
CNVD
CNVD
added 2021/08/05 12:0 a.m.18 views

WordPress The Event Geek plugin cross-site scripting vulnerability

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.The Event Geek plugin is a WordPress open source application plugin . A cross-site scripting vulnerability exists in...

4.8CVSS4.8AI score0.00613EPSS
Exploits2References1
NVD
NVD
added 2021/08/02 11:15 a.m.12 views

CVE-2021-24480

The Event Geek WordPress plugin through 2.5.2 does not sanitise or escape its "Use your own " setting before outputting it in the page, leading to an authenticated admin+ stored Cross-Site Scripting issue...

4.8CVSS0.00613EPSS
Exploits2References1
OSV
OSV
added 2021/08/02 11:15 a.m.3 views

CVE-2021-24480

The Event Geek WordPress plugin through 2.5.2 does not sanitise or escape its "Use your own " setting before outputting it in the page, leading to an authenticated admin+ stored Cross-Site Scripting issue...

4.8CVSS5.8AI score
Exploits0References1
Prion
Prion
added 2021/08/02 11:15 a.m.11 views

Cross site scripting

The Event Geek WordPress plugin through 2.5.2 does not sanitise or escape its "Use your own " setting before outputting it in the page, leading to an authenticated admin+ stored Cross-Site Scripting issue...

3.5CVSS4.8AI score0.00613EPSS
Exploits2References1Affected Software1
CVE
CVE
added 2021/08/02 10:32 a.m.159 views

CVE-2021-24480

CVE-2021-24480 affects the WordPress plugin “Event Geek” up to version 2.5.2. The vulnerability is a stored Cross-Site Scripting (XSS) due to the plugin failing to sanitize/escape the "Use Your Own" setting before outputting it on a page. Exploitation requires authentication (admin+), enabling an...

4.8CVSS4.8AI score0.00613EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2021/08/02 10:32 a.m.12 views

CVE-2021-24480 Event Geek <= 2.5.2 - Stored Cross-site Scripting (XSS)

The Event Geek WordPress plugin through 2.5.2 does not sanitise or escape its "Use your own " setting before outputting it in the page, leading to an authenticated admin+ stored Cross-Site Scripting issue...

5.1AI score0.00613EPSS
Exploits2References1
CNNVD
CNNVD
added 2021/08/02 12:0 a.m.3 views

WordPress 插件跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.The Event Geek plugin is a WordPress open source application plugin . A cross-site scripting vulnerability exists in...

4.8CVSS5.3AI score0.00613EPSS
Exploits2References1
WPVulnDB
WPVulnDB
added 2021/06/28 12:0 a.m.20 views

Event Geek <= 2.5.2 - Stored Cross-site Scripting (XSS)

The plugin does not sanitise or escape its "Use your own theme" setting before outputting it in the page, leading to an authenticated admin+ stored Cross-Site Scripting issue PoC As admin, put the following payload in the "Use your own theme enter URL:" option...

3.5CVSS0.7AI score0.00613EPSS
Exploits2Affected Software1
wpexploit
wpexploit
added 2021/06/28 12:0 a.m.158 views

Event Geek <= 2.5.2 - Stored Cross-site Scripting (XSS)

The plugin does not sanitise or escape its "Use your own theme" setting before outputting it in the page, leading to an authenticated admin+ stored Cross-Site Scripting issue As admin, put the following payload in the "Use your own theme enter URL:" option...

3.5CVSS0.2AI score0.00613EPSS
Exploits2
Rows per page
Query Builder