Filtered by vendor Rich-web Subscriptions
Filtered by product Event Timeline Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-1324 1 Rich-web 1 Event Timeline 2024-08-03 4.8 Medium
The Event Timeline WordPress plugin through 1.1.5 does not sanitize and escape Timeline Text, which could allow high-privileged users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed