Lucene search
+L

4 matches found

attackerkb
attackerkb
added 2022/08/01 1:15 p.m.6 views

CVE-2022-1324

The Event Timeline WordPress plugin through 1.1.5 does not sanitize and escape Timeline Text, which could allow high-privileged users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

4.8CVSS5.5AI score0.00511EPSS
Exploits2References2
osv
osv
added 2022/08/01 1:15 p.m.6 views

CVE-2022-1324

The Event Timeline WordPress plugin through 1.1.5 does not sanitize and escape Timeline Text, which could allow high-privileged users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

4.8CVSS5.8AI score0.00511EPSS
Exploits2References1
ptsecurity
ptsecurity
added 2022/08/01 12:0 a.m.6 views

PT-2022-13798 · WordPress · Event Timeline Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: Event Timeline WordPress plugin versions 1.1.5 and earlier Description: The issue allows high-privileged users, such as admins, to perform Cross-Site Scripting attacks due to the lack of sanitization and escaping of Timeline Text, even when...

4.8CVSS4.9AI score0.00511EPSS
Exploits2References5
patchstack
patchstack
added 2022/07/11 12:0 a.m.34 views

WordPress Event Timeline plugin <= 1.1.6 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Fayçal CHENA in WordPress Event Timeline plugin versions = 1.1.6. Solution No patched version available...

4.8CVSS2.2AI score0.00511EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder