Lucene search
K

9 matches found

euvd
euvd
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-16502

Malware in sbrugna...

5.4CVSS5.5AI score0.00798EPSS
Exploits2References3
cnvd
cnvd
added 2021/04/22 12:0 a.m.4 views

WordPress Larsens Calender plugin cross-site scripting vulnerability

WordPress Larsens Calender is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in WordPress Larsens Calender plugin version 1.2 and earlier versions, which can be exploited by remote attackers to execute arbitrary web scripts via the "Eintrage hinzufuge...

5.4CVSS6.7AI score0.00798EPSS
Exploits2References1
nvd
nvd
added 2021/04/09 6:15 p.m.18 views

CVE-2020-23762

Cross Site Scripting XSS vulnerability in the Larsens Calender plugin Version = 1.2 for WordPress allows remote attackers to execute arbitrary web script via the "titel" column on the "Eintrage hinzufugen" tab...

5.4CVSS0.00798EPSS
Exploits2References2
osv
osv
added 2021/04/09 6:15 p.m.4 views

CVE-2020-23762

Cross Site Scripting XSS vulnerability in the Larsens Calender plugin Version = 1.2 for WordPress allows remote attackers to execute arbitrary web script via the "titel" column on the "Eintrage hinzufugen" tab...

5.4CVSS6.1AI score0.00798EPSS
Exploits2References2
cve
cve
added 2021/04/09 5:50 p.m.60 views

CVE-2020-23762

The CVE-2020-23762 entry concerns the WordPress plugin Larsens Calender (versions

5.4CVSS5.5AI score0.00798EPSS
Exploits2References2Affected Software1
cnnvd
cnnvd
added 2021/04/09 12:0 a.m.5 views

WordPress 插件 跨站脚本漏洞

WordPress Larsens Calender is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in WordPress Larsens Calender plugin version 1.2 and earlier versions, which can be exploited by remote attackers to execute arbitrary web scripts via the "Eintrage hinzufuge...

5.4CVSS5.7AI score0.00798EPSS
Exploits2References3
wpexploit
wpexploit
added 2021/04/09 12:0 a.m.111 views

Larsens Calender <= 1.2 - Stored Cross-Site Scripting (XSS)

The plugin does not sanitise or encode the Title of the calendar entries when outputting them in the admin dashboard, leading to Stored XSS issue. Due to the lack of CSRF check, this can be exploited by a CSRF attack, making logged in administrators create malicious entries The PoC will be...

3.5CVSS0.7AI score0.00798EPSS
Exploits2References1
wpvulndb
wpvulndb
added 2021/04/09 12:0 a.m.15 views

Larsens Calender <= 1.2 - Stored Cross-Site Scripting (XSS)

The plugin does not sanitise or encode the Title of the calendar entries when outputting them in the admin dashboard, leading to Stored XSS issue. Due to the lack of CSRF check, this can be exploited by a CSRF attack, making logged in administrators create malicious entries PoC The PoC will be...

3.5CVSS2.6AI score0.00798EPSS
Exploits2References1Affected Software1
patchstack
patchstack
added 2021/04/09 12:0 a.m.12 views

WordPress Larsens Calender plugin <= 1.2 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by TH3 HIDD3N 0N3 in WordPress Larsens Calender plugin versions = 1.2. Solution This plugin has been closed as of April 12, 2021 and is not available for download. This closure is temporary, pending a full review...

5.4CVSS2.7AI score0.00798EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder