CVE-2022-36390

Authenticated (subscriber+) Reflected Cross-Site Scripting (XSS) vulnerability in Totalsoft Event Calendar – Calendar plugin <= 1.4.6 at WordPress.

Link	Resource
https://patchstack.com/database/vulnerability/calendar-event/wordpress-event-calendar-calendar-plugin-1-4-6-authenticated-reflected-cross-site-scripting-xss-vulnerability	Third Party Advisory
https://wordpress.org/plugins/calendar-event/#developers	Product Release Notes

Configuration 1

cpe:2.3:a:total-soft:event_calendar:*:*:*:*:*:wordpress:*:*

---

Published : 2022-09-21 08:15

Updated : 2022-09-23 02:59

---

NVD link : CVE-2022-36390

Mitre link : CVE-2022-36390

No products.

CWE-79