6 matches found
CVE-2024-6931
The The Events Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via RSVP name field in all versions up to, and including, 6.6.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web script...
CVE-2024-6931
The The Events Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via RSVP name field in all versions up to, and including, 6.6.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web script...
EUVD-2024-47917
The The Events Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via RSVP name field in all versions up to, and including, 6.6.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web script...
CVE-2024-6931
The CVE pertains to WordPress The Events Calendar plugin. Affected: The Events Calendar plugin for WordPress, versions up to and including 6.6.3. Root cause: Stored Cross-Site Scripting via the RSVP name field due to insufficient input sanitization and output escaping. Impact: unauthenticated att...
PT-2024-37969
Name of the Vulnerable Software and Affected Versions The Events Calendar plugin for WordPress versions prior to 6.6.4 Description The Events Calendar plugin for WordPress is susceptible to Stored Cross-Site Scripting XSS through the RSVP name field. Insufficient input sanitization and output...
WordPress plugin The Events Calendar 跨站脚本漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...