CVE-2019-16523

The events-manager plugin through 5.9.5 for WordPress (aka Events Manager) is susceptible to Stored XSS due to improper encoding and insertion of data provided to the attribute map_style of shortcodes (locations_map and events_map) provided by the plugin.
Configurations

Configuration 1 (hide)

cpe:2.3:a:pixelite:events_manager:*:*:*:*:*:wordpress:*:*

History

08 Oct 2024, 14:03

Type Values Removed Values Added
First Time Pixelite events Manager
Pixelite
CPE cpe:2.3:a:wp-events-plugin:events_manager:*:*:*:*:*:wordpress:*:* cpe:2.3:a:pixelite:events_manager:*:*:*:*:*:wordpress:*:*

Information

Published : 2019-10-16 15:15

Updated : 2024-10-08 14:03


NVD link : CVE-2019-16523

Mitre link : CVE-2019-16523

CVE.ORG link : CVE-2019-16523


JSON object : View

Products Affected

pixelite

  • events_manager
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')