1 results (0.005 seconds)
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1
CVE-2018-9020 – Events Manager <= 5.8.1.1 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2018-9020
The Events Manager plugin before 5.8.1.2 for WordPress allows XSS via the events-manager.js mapTitle parameter in the Google Maps miniature. El plugin Events Manager en versiones anteriores a la 5.8.1.2 para WordPress permite Cross-Site Scripting (XSS) mediante el parámetro mapTitle en events-manager.js en la miniatura de Google Maps. • http://wp-events-plugin.com/blog/2018/01/15/events-manager-5-8-1-2-security-release https://wordpress.org/plugins/events-manager/#developers https://www.gubello.me/blog/events-manager-authenticated-stored-xss https://www.youtube.com/watch?v=40d7uXl36O4 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •