cve/CVE-2021-24510.md at 4c761d11aab685b40e53e87637378a029d1bbbad

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-11-30 18:56:19 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

The MF Gig Calendar WordPress plugin before 1.2 does not sanitise and escape the id GET parameter before outputting back in the admin dashboard when editing an Event, leading to a reflected Cross-Site Scripting issue

POC

Reference

https://wpscan.com/vulnerability/715721b0-13a1-413a-864d-2380f38ecd39

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/ARPSyndicate/kenzer-templates

827 B Raw Blame History

CVE-2021-24510

Description

POC

Reference

Github

827 B

Raw Blame History