AJAX Vulnerability in WordPress Events Calendar Plugin

CVE-2024-4180

Currently unrated 🤨

Key Information

Vendor: WordPress
Status: The Events Calendar
Vendor: CVE Published:; 4 June 2024

Summary

The Events Calendar WordPress plugin before 6.4.0.1 does not properly sanitize user-submitted content when rendering some views via AJAX.

Affected Version(s)

The Events Calendar < 6.4.0.1

Timeline

Vulnerability published.
Jun 4, 2024
Vulnerability Reserved.
Apr 25, 2024

Collectors

NVD DatabaseMitre Database

Credit

Marc Montpas

WPScan

.