All-in-One Event Calendar Plugin 1.4 & 1.5 Multiple XSS

Affects Plugin

fixed in version 1.8.2

References

CVE 2012-1835
URL https://www.immuniweb.com/advisory/HTB23082
URL https://seclists.org/bugtraq/2012/Apr/70

Classification

Type XSS
OWASP Top 10 A7: Cross-Site Scripting (XSS)
CWE CWE-79

Miscellaneous

Submitter ethicalhack3r
Submitter Website https://dewhurstsecurity.com/
Submitter Twitter ethicalhack3r
Views 4957
Verified No
WPVDB ID 7601

Timeline

Publicly Published 2014-09-27 (almost 6 years ago)
Added 2014-09-27 (almost 6 years ago)
Last Updated 2019-10-21 (9 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin