RSS   Vulnerabilities for 'Community events'   RSS

2021-08-02
 
CVE-2021-24496

CWE-79
 

 
The Community Events WordPress plugin before 1.4.8 does not sanitise, validate or escape its importrowscount and successimportcount GET parameters before outputting them back in an admin page, leading to a reflected Cross-Site Scripting issue which will be executed in the context of a logged in administrator

 
2017-09-07
 
CVE-2015-3313

 

 
SQL injection vulnerability in WordPress Community Events plugin before 1.4.

 


Copyright 2024, cxsecurity.com

 

Back to Top