WordPress Plugin Vulnerabilities

Event Notifier < 1.2.1 - XSS

Description

The Event Notifier WordPress plugin was affected by a XSS security vulnerability.

Affects Plugins

Plugin icon
event-notifier
Fixed in 1.2.1

References

CVE
CVE-2017-18576

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
6.1 (medium)

Miscellaneous

Verified
No
WPVDB ID
e802311d-61f2-42f1-9dd3-3f123619a4e2

Timeline

Publicly Published
2017-01-16 (about 9 years ago)
Added
2019-08-22 (about 6 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2019-07-18
Title
OneSignal Web Push Notifications - Stored XSS
Published
2025-12-01
Title
WP Social Ninja – Embed Social Feeds, Customer Reviews, Chat Widgets (Google Reviews, YouTube Feed, Photo Feeds, and More) < 4.0.0 - Unauthenticated Stored Cross-Site Scripting via External Content Import
Published
2025-01-03
Title
Mang Board WP < 1.8.5 - Reflected Cross-Site Scripting
Published
2024-06-17
Title
Church Admin < 4.4.5 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2024-03-19
Title
Standout Color Boxes and Buttons <= 0.7.0 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode