CVE-2019-15109

CVE-2019-15109

EPSS 1.1%

The the-events-calendar plugin before 4.8.2 for WordPress has XSS via the tribe_paged URL parameter.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://wordpress.org/plugins/the-events-calendar/#developers https://wpvulndb.com/vulnerabilities/9554