5.4 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
14.0%
Description The plugin does not sanitise and escape some parameters, which could allow users with a role as low as Editor to perform Stored Cross-Site Scripting attacks
patchstack.com/database/vulnerability/wp-event-manager/wordpress-wp-event-manager-plugin-3-1-39-cross-site-scripting-xss-vulnerability-2