RSS   Vulnerabilities for 'Calendar event multi view'   RSS

2021-08-02
 
CVE-2021-24498

CWE-79
 

 
The Calendar Event Multi View WordPress plugin before 1.4.01 does not sanitise or escape the 'start' and 'end' GET parameters before outputting them in the page (via php/edit.php), leading to a reflected Cross-Site Scripting issue.

 

 >>> Vendor: Dwbooster 6 Products
Appointment hour booking
Corner ad
Calendar event multi view
Cp blocks
Cp image store with slideshow
Loading page with loading screen


Copyright 2024, cxsecurity.com

 

Back to Top