Description

WordPress Plugin Events Shortcodes For The Events Calendar is prone to an unspecified vulnerability. No available information exists regarding this issue and it's impact on a vulnerable website. WordPress Plugin Events Shortcodes For The Events Calendar version 1.7.2 is vulnerable; prior versions may also be affected.

Remediation

Update to plugin version 1.8 or latest

References

https://plugins.svn.wordpress.org/template-events-calendar/trunk/readme.txt

Related Vulnerabilities

Roundcube Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-0464)

WordPress 4.9.x Multiple Vulnerabilities (4.9 - 4.9.12)

WordPress Plugin WooCommerce Cross-Site Scripting (3.5.0)

axios Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-28168)

WordPress Plugin Nextend Facebook Connect Cross-Site Scripting (1.5.5)

Severity

High

Tags

Missing Update