CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-24510

The MF Gig Calendar WordPress plugin before 1.2 does not sanitise and escape the id GET parameter before outputting back in the admin dashboard when editing an Event, leading to a reflected Cross-Site Scripting issue

Exploit prediction scoring system (EPSS) score

EPSS Score 0.199

EPSS Ranking 95.2%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

https://wpscan.com/vulnerability/715721b0-13a1-413a-864d-2380f38ecd39
https://wpscan.com/vulnerability/715721b0-13a1-413a-864d-2380f38ecd39

Products affected by CVE-2021-24510

Mf Gig Calendar Project » Mf Gig Calendar » Version: Any

cpe:2.3:a:mf_gig_calendar_project:mf_gig_calendar:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-24510

Products

Pricing

Contact Us