Vulnerabilities > Mobileeventsmanager > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-01-24 | CVE-2021-25049 | Cross-site Scripting vulnerability in Mobileeventsmanager Mobile Events Manager The Mobile Events Manager WordPress plugin before 1.4.4 does not sanitise and escape various of its settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed | 3.5 |