Description

WordPress Plugin The Events Calendar is prone to an unspecified vulnerability. No available information exists regarding this issue and it's impact on a vulnerable website. WordPress Plugin The Events Calendar version 4.0.4 is vulnerable; prior versions may also be affected.

Remediation

Update to plugin version 4.0.5 or latest

References

https://wordpress.org/plugins/the-events-calendar/changelog/

Related Vulnerabilities

Oracle HTTP Server NULL Pointer Dereference Vulnerability (CVE-2020-1967)

WordPress Plugin Recipe Card Blocks for Gutenberg & Elementor Cross-Site Scripting (2.8.2)

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3550)

SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17310)

WordPress Plugin Better Search Replace Cross-Site Request Forgery (1.3.2)

Severity

High

Tags

Missing Update