cve/CVE-2018-18872.md at c42a8175e7a919537d1a63deb490ade8c3ea0285

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-31 10:40:54 +00:00

0xMarcio 49bdc782b3 Update Sun May 26 14:27:04 CEST 2024

2024-05-26 14:27:05 +02:00

Description

The Kieran O'Shea Calendar plugin before 1.3.11 for WordPress has Stored XSS via the event_title parameter in a wp-admin/admin.php?page=calendar add action, or the category name during category creation at the wp-admin/admin.php?page=calendar-categories URI.

POC

Reference

https://wpvulndb.com/vulnerabilities/9141

Github

No PoCs found on GitHub currently.

722 B Raw Blame History

CVE-2018-18872

Description

POC

Reference

Github

722 B

Raw Blame History