Search Results | AttackerKB

4 Total Results

Displaying 1-4 of 4

Attacker Value

Unknown

CVE-2023-50842

Disclosure Date: December 28, 2023 (last updated January 05, 2024)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Matthew Fries MF Gig Calendar.This issue affects MF Gig Calendar: from n/a through 1.2.1.

Attacker Value

Unknown

CVE-2023-37970

Disclosure Date: July 27, 2023 (last updated October 08, 2023)

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Matthew Fries MF Gig Calendar plugin <= 1.2 versions.

Attack Vector: Network Privileges: Low User Interaction: Required

Attacker Value

Unknown

CVE-2021-24510

Disclosure Date: September 13, 2021 (last updated November 08, 2023)

The MF Gig Calendar WordPress plugin before 1.2 does not sanitise and escape the id GET parameter before outputting back in the admin dashboard when editing an Event, leading to a reflected Cross-Site Scripting issue

Attack Vector: Network Privileges: None User Interaction: Required

Attacker Value

Unknown

CVE-2012-4242

Disclosure Date: October 01, 2012 (last updated October 05, 2023)

Cross-site scripting (XSS) vulnerability in the MF Gig Calendar plugin 0.9.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the query string to the calendar page.

4 Total Results

Displaying 1-4 of 4

Unknown

CVE-2023-50842

Unknown

CVE-2023-37970

Unknown

CVE-2021-24510

Unknown

CVE-2012-4242

Quick Cookie Notification