Lucene search
Event List ProjectEvent List
2 matches found
CVE-2017-9429
SQL injection vulnerability in the Event List plugin 0.7.8 for WordPress allows an authenticated user to execute arbitrary SQL commands via the id parameter to wp-admin/admin.php.
8.8CVSS9AI score0.00772EPSS
CVE-2017-12068
The Event List plugin 0.7.9 for WordPress has XSS in the slug array parameter to wp-admin/admin.php in an el_admin_categories delete_bulk action.
6.1CVSS6AI score0.0021EPSS