Cross site scripting

2021-11-2909:15:00

PRIOn knowledge base

www.prio-n.com

0.001 Low

EPSS

Percentile

41.4%

JSON

The Registrations for the Events Calendar WordPress plugin before 2.7.5 does not escape the v parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting

CPENameOperatorVersion
registrations_for_the_events_calendarlt2.7.5

CPE	Name	Operator	Version
	registrations_for_the_events_calendar	lt	2.7.5

References

wpscan.com/vulnerability/e77c2493-993d-418d-9629-a1f07b5a2b6f

0.001 Low

EPSS

Percentile

41.4%

JSON

Related for PRION:CVE-2021-24876