WordPress EventON Plugin <= 2.2.15 is vulnerable to Cross Site Scripting (XSS)

Software EventON Type Plugin Vulnerable versions = 2.2.15 Fixed in 2.2.16 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6180 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID aa2963dca1bd Credits Lucio Sá Required...

WordPress EventON Plugin <= 2.2.8 is vulnerable to Cross Site Request Forgery (CSRF)

Software EventON Type Plugin Vulnerable versions = 2.2.8 Fixed in 2.2.9 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-6244 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 8c97e0a9cf60 Credits Francesco Carlucci Required...

WordPress EventON Plugin <= 2.2.2 is vulnerable to Cross Site Scripting (XSS)

Software EventON Type Plugin Vulnerable versions = 2.2.2 Fixed in 2.2.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-4635 Patch priority Medium CVSS severity Medium 6.1 Developer Claim ownership PSID 2a9d3b757474 Credits Shuning Xu Required privilege...