Filtered by vendor Eventon Wordpress Plugin Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-6910 2 Eventon Wordpress Plugin, Myeventon 2 Eventon Wordpress Plugin, Eventon 2024-10-07 4.8 Medium
The EventON WordPress plugin before 2.2.17 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed.