Lucene search
WPScanCVELIST:CVE-2021-24510HistorySep 13, 2021 - 5:56 p.m.
CVE-2021-24510 MF Gig Calendar < 1.2 - Reflected Cross-Site Scripting (XSS)
2021-09-1317:56:22
WPScan
www.cve.org
0.001 Low
EPSS
Percentile
47.7%
The MF Gig Calendar WordPress plugin before 1.2 does not sanitise and escape the id GET parameter before outputting back in the admin dashboard when editing an Event, leading to a reflected Cross-Site Scripting issue
CNA Affected
[
{
"vendor": "Unknown",
"product": "MF Gig Calendar",
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThan": "1.2"
}
],
"defaultStatus": "unaffected",
"collectionURL": "https://wordpress.org/plugins"
}
]Related
prion
prion
Cross site scripting
2021-09-13 18:15:00
wpvulndb
wpvulndb
MF Gig Calendar <= 1.1 - Reflected Cross-Site Scripting (XSS)
2021-08-17 00:00:00
cve
cve
CVE-2021-24510
2021-09-13 18:15:15
nuclei
nuclei
WordPress MF Gig Calendar <=1.1 - Cross-Site Scripting
2022-02-04 19:18:10
wpexploit
wpexploit
MF Gig Calendar <= 1.1 - Reflected Cross-Site Scripting (XSS)
2021-08-17 00:00:00
nvd
nvd
CVE-2021-24510
2021-09-13 18:15:15