RSS   Vulnerabilities for 'Wp event manager'   RSS

2022-07-11
 
CVE-2022-1474

CWE-79
 

 
The WP Event Manager WordPress plugin before 3.1.28 does not sanitise and escape its search before outputting it back in an attribute on the event dashboard, leading to a Reflected Cross-Site Scripting

 
2022-03-07
 
CVE-2021-24810

CWE-79
 

 
The WP Event Manager WordPress plugin before 3.1.23 does not escape some of its Field Editor settings when outputting them, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed

 

 >>> Vendor: Wp-eventmanager 2 Products
Event banner
Wp event manager


Copyright 2024, cxsecurity.com

 

Back to Top