CVE-2018-13137

The Events Manager plugin 5.9.4 for WordPress has XSS via the dbem_event_reapproved_email_body parameter to the wp-admin/edit.php?post_type=event&page=events-manager-options URI.
Configurations

Configuration 1 (hide)

cpe:2.3:a:pixelite:events_manager:5.9.4:*:*:*:*:wordpress:*:*

History

08 Oct 2024, 14:03

Type Values Removed Values Added
First Time Pixelite events Manager
Pixelite
CPE cpe:2.3:a:wp-events-plugin:events_manager:5.9.4:*:*:*:*:wordpress:*:* cpe:2.3:a:pixelite:events_manager:5.9.4:*:*:*:*:wordpress:*:*

Information

Published : 2019-04-12 18:29

Updated : 2024-10-08 14:03


NVD link : CVE-2018-13137

Mitre link : CVE-2018-13137

CVE.ORG link : CVE-2018-13137


JSON object : View

Products Affected

pixelite

  • events_manager
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')