| |
Vulnerability CVE-2023-5238
Published: 2023-10-31
| Description: |
The EventPrime WordPress plugin before 3.2.0 does not sanitise and escape a parameter before outputting it back in the page, leading to an HTML Injection on the plugin in the search area of the website. |
Type:
CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))
References: |
https://wpscan.com/vulnerability/47a5fbfd-f47c-4356-8567-b29dadb48423
|
|
|
Copyright 2026, cxsecurity.com
|
|
|
