Lucene search
High-Tech BridgePATCHSTACK:D50E19BFB95A76A6DFABEA1CD209D2D4HistorySep 22, 2014 - 12:00 a.m.
WordPress Google Calendar Events Plugin <= 2.0.3 - XSS
2014-09-2200:00:00
High-Tech Bridge
patchstack.com
13
EPSS
0.005
Percentile
76.5%
Because of this vulnerability, the attackers can inject arbitrary web script or HTML via the “gce_feed_ids” parameter in a gce_ajax action to wp-admin/admin-ajax.php.
Solution
Update the plugin.
Related
packetstorm
packetstorm
WordPress Google Calendar Events 2.0.1 Cross Site Scripting
2014-10-10 00:00:00
prion
prion
Cross site scripting
2014-10-16 19:55:00
nvd
nvd
CVE-2014-7138
2014-10-16 19:55:14
zdt
zdt
WordPress Google Calendar Events 2.0.1 Cross Site Scripting Vulnerability
2014-10-10 00:00:00
wpvulndb
wpvulndb
Google Calendar Events < 2.0.4 - XSS
2014-10-08 00:00:00
htbridge
htbridge
cvelist
cvelist
CVE-2014-7138
2014-10-16 19:00:00
securityvulns
securityvulns
nessus
nessus
Google Calendar Events Plugin for WordPress 'admin-ajax.php' XSS
2014-11-21 00:00:00
cve
cve
CVE-2014-7138
2014-10-16 19:55:14