VYPR

Simple Event Planner

by WordPress

CVEs (2)

  • CVE-2022-25612MedMar 25, 2022
    risk 0.27cvss 4.1epss 0.01

    Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities in Simple Event Planner WordPress plugin <= 1.5.4 allows user with author or higher user rights inject the malicious code via vulnerable parameters: &custom[event_organiser], &custom[organiser_email],…

  • CVE-2022-25611MedMar 25, 2022
    risk 0.27cvss 4.1epss 0.01

    Authenticated Stored Cross-Site Scripting (XSS) in Simple Event Planner plugin <= 1.5.4 allows attackers with contributor or higher user roles to inject the malicious script by using vulnerable parameter &custom[add_seg][].