Vulnerabilities > Metagauss > Eventprime > 4.0.5.0

DATE CVE VULNERABILITY TITLE RISK
2024-12-17 CVE-2024-12024 Cross-site Scripting vulnerability in Metagauss Eventprime
The EventPrime – Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the em_ticket_category_data and em_ticket_individual_data parameters in all versions up to, and including, 4.0.5.3 due to insufficient input sanitization and output escaping.
network
low complexity
metagauss CWE-79
6.1
6.1