Dwbooster - Calendar Event Multi View CVE

Filtered by vendor Dwbooster Subscribe

Filtered by product Calendar Event Multi View

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-24498	1 Dwbooster	1 Calendar Event Multi View	2021-08-10	4.3 MEDIUM	6.1 MEDIUM
The Calendar Event Multi View WordPress plugin before 1.4.01 does not sanitise or escape the 'start' and 'end' GET parameters before outputting them in the page (via php/edit.php), leading to a reflected Cross-Site Scripting issue.

Vulnerabilities (CVE)