Lucene search
K

4 matches found

NVD
NVD
added 7 hours ago5 views

CVE-2026-9838

The ICS Calendar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'htmltagtitle' parameter in all versions up to, and including, 12.0.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary...

6.1CVSS
Exploits0References10
CVE
CVE
added 8 hours ago5 views

CVE-2026-9838

The CVE-2026-9838 entry concerns the ICS Calendar plugin for WordPress. It describes a Reflected Cross-Site Scripting (XSS) vulnerability via the htmltagtitle parameter in all versions up to and including 12.0.9. The root cause is insufficient input sanitization and output escaping, with exploita...

6.1CVSS6.2AI score
Exploits0References10
Cvelist
Cvelist
added 8 hours ago6 views

CVE-2026-9838 ICS Calendar <= 12.0.9 - Reflected Cross-Site Scripting via 'htmltagtitle' Parameter

The ICS Calendar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'htmltagtitle' parameter in all versions up to, and including, 12.0.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary...

6.1CVSS
Exploits0References10
ATTACKERKB
ATTACKERKB
added 8 hours ago3 views

CVE-2026-9838

The ICS Calendar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'htmltagtitle' parameter in all versions up to, and including, 12.0.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary...

6.1CVSS6.2AI score
Exploits0References11
Rows per page
Query Builder