Vulnerabilities (CVE)

Filtered by vendor Roundupwp Subscribe

Filtered by product Registrations For The Events Calendar

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-25083	1 Roundupwp	1 Registrations For The Events Calendar	2022-01-27	4.3 MEDIUM	6.1 MEDIUM
The Registrations for the Events Calendar WordPress plugin before 2.7.10 does not escape the qtype parameter before outputting it back in an attribute in the settings page, leading to a Reflected Cross-Site Scripting
CVE-2021-24876	1 Roundupwp	1 Registrations For The Events Calendar	2021-11-29	4.3 MEDIUM	6.1 MEDIUM
The Registrations for the Events Calendar WordPress plugin before 2.7.5 does not escape the v parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting