cve/CVE-2020-9459.md at eda58812c5773678e9432b65209fee245db925e7

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-07 11:06:19 +00:00

0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33

2024-06-09 00:33:16 +00:00

Description

Multiple Stored Cross-site scripting (XSS) vulnerabilities in the Webnus Modern Events Calendar Lite plugin through 5.1.6 for WordPress allows remote authenticated users (with minimal permissions) to inject arbitrary JavaScript, HTML, or CSS via Ajax actions. This affects mec_save_notifications and import_settings.

POC

Reference

https://wpvulndb.com/vulnerabilities/10100
https://wpvulndb.com/vulnerabilities/10100

Github

No PoCs found on GitHub currently.

825 B Raw Blame History

CVE-2020-9459

Description

POC

Reference

Github

825 B

Raw Blame History