Vcita

Event Registration Calendar By Vcita

3 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.4

CVE-2024-11870

  • EPSS 0.13%
  • Veröffentlicht 15.01.2025 08:15:25
  • Zuletzt bearbeitet 15.01.2025 08:15:25

The Event Registration Calendar By vcita plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.4.0 due to insufficient input sanitization and output escaping on user sup...

5.4

CVE-2023-2406

Exploit
  • EPSS 0.1%
  • Veröffentlicht 03.06.2023 05:15:09
  • Zuletzt bearbeitet 21.11.2024 07:58:33

The Event Registration Calendar By vcita plugin, versions up to and including 3.9.1, and Online Payments – Get Paid with PayPal, Square & Stripe plugin, for WordPress are vulnerable to Stored Cross-Site Scripting via the 'email' parameter in versions...

6.5

CVE-2023-2407

Exploit
  • EPSS 0.06%
  • Veröffentlicht 03.06.2023 05:15:09
  • Zuletzt bearbeitet 21.11.2024 07:58:33

The Event Registration Calendar By vcita plugin, versions up to and including 3.9.1, and Online Payments – Get Paid with PayPal, Square & Stripe plugin, for WordPress are vulnerable to Cross-Site Request Forgery. This is due to missing nonce validati...