CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-25024

The EventCalendar WordPress plugin before 1.1.51 does not escape some user input before outputting it back in attributes, leading to Reflected Cross-SIte Scripting issues

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 43.7%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

https://wpscan.com/vulnerability/08864b76-d898-4dfe-970d-d7cc1b1115a7
https://wpscan.com/vulnerability/08864b76-d898-4dfe-970d-d7cc1b1115a7

Products affected by CVE-2021-25024

Theeventscalendar » Eventcalendar » Version: Any

cpe:2.3:a:theeventscalendar:eventcalendar:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-25024

Products

Pricing

Contact Us