CVEs-PoC/2021/CVE-2021-25083.md at main

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-02-12 18:42:46 +00:00

Files

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

850 B

Raw Permalink Blame History

CVE-2021-25083

Description

The Registrations for the Events Calendar WordPress plugin before 2.7.10 does not escape the qtype parameter before outputting it back in an attribute in the settings page, leading to a Reflected Cross-Site Scripting

POC

Reference

https://wpscan.com/vulnerability/9b69544d-6a08-4757-901b-6ccf1cd00ecc

Github

https://github.com/20142995/nuclei-templates

850 B Raw Permalink Blame History

CVE-2021-25083

Description

POC

Reference

Github

850 B

Raw Permalink Blame History