CVE-2021-24510

The MF Gig Calendar WordPress plugin through 1.1 does not sanitise or escape the id GET parameter before outputting back in the admin dashboard when editing an Event, leading to a reflected Cross-Site Scripting issue
References
Configurations

Configuration 1

cpe:2.3:a:mf_gig_calendar_project:mf_gig_calendar:*:*:*:*:wordpress:*:*:*

Information

Published : 2021-09-13 06:15

Updated : 2021-09-23 01:18


NVD link : CVE-2021-24510

Mitre link : CVE-2021-24510

Products Affected
No products.
CWE