Lucene search
WpvulndbWPVDB-ID:EF2843D0-F84D-4093-A08B-342ED0848914HistoryApr 14, 2022 - 12:00 a.m.
Modern Events Calendar Lite < 6.5.2 - Admin+ Stored Cross-Site Scripting
2022-04-1400:00:00
wpscan.com
12
0.001 Low
EPSS
Percentile
19.6%
The plugin does not sanitise and escape some parameters, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks when unfiltered_html is disallowed
| CPE | Name | Operator | Version |
|---|---|---|---|
| modern-events-calendar-lite | lt | 6.5.2 |
Related
nvd
nvd
CVE-2022-27848
2022-04-14 21:15:08
patchstack
patchstack
cve
cve
CVE-2022-27848
2022-04-14 21:15:08
cvelist
cvelist
prion
prion
Cross site scripting
2022-04-14 21:15:00
openvas
openvas