Vulnerabilities > CVE-2021-25024 - Unspecified vulnerability in Theeventscalendar Eventcalendar
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
LOW Availability impact
NONE Summary
The EventCalendar WordPress plugin before 1.1.51 does not escape some user input before outputting it back in attributes, leading to Reflected Cross-SIte Scripting issues
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |