CVE-2021-24498
Calendar Event Multi View < 1.4.01 - Unauthenticated Reflected Cross-Site Scripting (XSS)
The Calendar Event Multi View WordPress plugin before 1.4.01 does not sanitise or escape the 'start' and 'end' GET parameters before outputting them in the page (via php/edit.php), leading to a reflected Cross-Site Scripting issue.
Affected products
Unknown · Calendar Event Multi ViewWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →