exploitDog

GHSA-xm26-26vh-5phq

Опубликовано: 18 янв. 2022

Источник: github

Github: Не прошло ревью

Описание

The EventCalendar WordPress plugin before 1.1.51 does not escape some user input before outputting it back in attributes, leading to Reflected Cross-SIte Scripting issues

The EventCalendar WordPress plugin before 1.1.51 does not escape some user input before outputting it back in attributes, leading to Reflected Cross-SIte Scripting issues

Ссылки

EPSS

Процентиль: 43%

0.0021

Низкий

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2021-25024

CVSS3: 6.1

nvd

около 4 лет назад

The EventCalendar WordPress plugin before 1.1.51 does not escape some user input before outputting it back in attributes, leading to Reflected Cross-SIte Scripting issues

EPSS

Процентиль: 43%

0.0021

Низкий

CVE ID

Дефекты

CWE-79