WordPress Events Manager plugin <= 184.108.40.206 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
- Events Manager
- Authenticated Stored Cross-Site Scripting (XSS) vulnerability found by Nguyen Van Khanh in WordPress Events Manager plugin (versions <= 220.127.116.11).
- 2020-11-25 - we were unable to find a patched version of this plugin (use at your own risk, we recommend to deactivate and delete the plugin until the safe version release).
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
- Name CVE-N/A
Fixed In 18.104.22.168
- Disclosure date
- Nguyen Van Khanh (SunCSR)