WordPress WP Event Manager Plugin <= 3.1.40 is vulnerable to Cross Site Scripting (XSS)
CVE-2023-49181
5.9MEDIUM
Key Information:
- Vendor
WordPress
- Vendor
- CVE Published:
- 15 December 2023
What is CVE-2023-49181?
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Event Manager WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce allows Stored XSS.This issue affects WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce: from n/a through 3.1.40.
Affected Version(s)
WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce <= 3.1.40