The Modern Events Calendar Lite WordPress plugin before 6.2.0 alloed any logged-in user, even a subscriber user, may add a category whose parameters are incorrectly escaped in the admin panel, leading to stored XSS.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: WPScan
Published:
Updated: 2024-08-03T19:49:14.633Z
Reserved: 2021-01-14T00:00:00
Link: CVE-2021-25046

No data.

Status : Modified
Published: 2022-01-17T13:15:07.967
Modified: 2024-11-21T05:54:14.977
Link: CVE-2021-25046

No data.