Lucene search
WpvulndbWPVDB-ID:1A4F0D82-A2C2-47FB-AF30-886204F6BFABHistoryMar 23, 2022 - 12:00 a.m.
Simple Event Planner < 1.5.5 - Author+ Stored Cross-Site Scripting
2022-03-2300:00:00
wpscan.com
10
0.001 Low
EPSS
Percentile
19.4%
The plugin does not sanitise and escape some of its Event Options, such as event_organiser, organiser_email and organiser_contact which could allow users with a role as low as author to perform Cross-Site Scripting attacks
| CPE | Name | Operator | Version |
|---|---|---|---|
| simple-event-planner | lt | 1.5.5 |
Related
cvelist
cvelist
cnvd
cnvd
WordPress Simple Event Planner plugin cross-site scripting vulnerability
2022-03-29 00:00:00
patchstack
patchstack
prion
prion
Cross site scripting
2022-03-25 19:15:00
nvd
nvd
CVE-2022-25612
2022-03-25 19:15:10
cve
cve
CVE-2022-25612
2022-03-25 19:15:10