VYPR

Event Registration Calendar By Vcita

by Vcita

CVEs (3)

  • CVE-2024-11870MedJan 15, 2025
    risk 0.42cvss 6.4epss 0.00

    The Event Registration Calendar By vcita plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.4.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes…

  • CVE-2023-2407MedJun 3, 2023
    risk 0.40cvss 6.1epss 0.00

    The Event Registration Calendar By vcita plugin, versions up to and including 3.10.0, and Online Payments – Get Paid with PayPal, Square & Stripe plugin, for WordPress are vulnerable to Cross-Site Request Forgery. This is due to missing nonce validation in the…

  • CVE-2023-2406MedJun 3, 2023
    risk 0.35cvss 6.4epss 0.01

    The Event Registration Calendar By vcita plugin, versions up to and including 3.9.1, and Online Payments – Get Paid with PayPal, Square & Stripe plugin, for WordPress are vulnerable to Stored Cross-Site Scripting via the 'email' parameter in versions up to, and including,…