Lucene search
WpvulndbWPVDB-ID:5093E111-9E14-4EAC-BB38-2B56F2DA0096HistoryFeb 02, 2024 - 12:00 a.m.
EventON < 4.4.1 - Reflected Cross-Site Scripting
2024-02-0200:00:00
wpscan.com
3
eventon
wordpress
vulnerable
cross-site scripting
unauthenticated
attackers
Description The EventON Pro plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via an unknown parameter in all versions up to, and including, 4.4.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
| CPE | Name | Operator | Version |
|---|---|---|---|
| eq | 4.4.1 |
Related
prion
prion
Cross site scripting
2024-01-29 15:15:00
cve
cve
CVE-2023-7200
2024-01-29 15:15:09
cvelist
cvelist
CVE-2023-7200 EventON < 4.4.1 - Reflected Cross-Site Scripting
2024-01-29 14:44:26
nvd
nvd
CVE-2023-7200
2024-01-29 15:15:09
wpvulndb
wpvulndb
EventON < 4.4.1 - Reflected Cross-Site Scripting
2024-01-05 00:00:00
wpexploit
wpexploit
EventON < 4.4.1 - Reflected Cross-Site Scripting
2024-01-05 00:00:00
wordfence
wordfence
6.5 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
17.1%
Related for WPVDB-ID:5093E111-9E14-4EAC-BB38-2B56F2DA0096