CVE-2024-3628 – The EasyEvent WordPress plugin through 1.0.0 does not sanitise and escape some of its …

7 May 2024

Vuln ID: CVE-2024-3628

Published: 2024-05-07 06:15:08.997

Description: The EasyEvent WordPress plugin through 1.0.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed

Base Score: –

Vector:

Source: NVD.NIST.GOV

Date:

7 May 2024

Categorie(s):

NVD

Tag(s):

NVD

Chinese Nationals Arrested for Laundering $73 Million in Pig Butchering Crypto Scam19 May 2024
Week in review: New Black Basta’s social engineering campaign, passing the CISSP exam in 6 weeks19 May 2024
Grandoreiro Banking Trojan Resurfaces, Targeting Over 1,500 Banks Worldwide19 May 2024
Enhanced Security for Enterprises: Google Launches Google Threat Intelligence19 May 2024
Hackers Exploiting Docusign With Phishing Attack To Steal Credentials19 May 2024