Search
Find a vulnerability
Search criteria
2 vulnerabilities found for Event Calendar WD version by Web-Dorado
CVE-2018-16164 (GCVE-0-2018-16164)
Vulnerability from nvd – Published: 2019-01-09 22:00 – Updated: 2024-08-05 10:17
VLAI
Summary
Cross-site scripting vulnerability in Event Calendar WD version 1.1.21 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity
No CVSS data available.
CWE
- Cross-site scripting
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://jvn.jp/en/jp/JVN75738023/index.html | third-party-advisoryx_refsource_JVN |
| https://wpvulndb.com/vulnerabilities/9199 | x_refsource_MISC |
| https://plugins.trac.wordpress.org/changeset/1961423/ | x_refsource_MISC |
| https://wordpress.org/plugins/event-calendar-wd/#… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Web-Dorado | Event Calendar WD version |
Affected:
1.1.21 and earlier
|
Date Public
2019-01-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:17:38.214Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#75738023",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN75738023/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpvulndb.com/vulnerabilities/9199"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/1961423/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wordpress.org/plugins/event-calendar-wd/#developers"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Event Calendar WD version",
"vendor": "Web-Dorado",
"versions": [
{
"status": "affected",
"version": "1.1.21 and earlier"
}
]
}
],
"datePublic": "2019-01-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in Event Calendar WD version 1.1.21 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-10T10:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#75738023",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN75738023/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpvulndb.com/vulnerabilities/9199"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://plugins.trac.wordpress.org/changeset/1961423/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wordpress.org/plugins/event-calendar-wd/#developers"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2018-16164",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Event Calendar WD version",
"version": {
"version_data": [
{
"version_value": "1.1.21 and earlier"
}
]
}
}
]
},
"vendor_name": "Web-Dorado"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting vulnerability in Event Calendar WD version 1.1.21 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#75738023",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN75738023/index.html"
},
{
"name": "https://wpvulndb.com/vulnerabilities/9199",
"refsource": "MISC",
"url": "https://wpvulndb.com/vulnerabilities/9199"
},
{
"name": "https://plugins.trac.wordpress.org/changeset/1961423/",
"refsource": "MISC",
"url": "https://plugins.trac.wordpress.org/changeset/1961423/"
},
{
"name": "https://wordpress.org/plugins/event-calendar-wd/#developers",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/event-calendar-wd/#developers"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2018-16164",
"datePublished": "2019-01-09T22:00:00.000Z",
"dateReserved": "2018-08-30T00:00:00.000Z",
"dateUpdated": "2024-08-05T10:17:38.214Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-16164 (GCVE-0-2018-16164)
Vulnerability from cvelistv5 – Published: 2019-01-09 22:00 – Updated: 2024-08-05 10:17
VLAI
Summary
Cross-site scripting vulnerability in Event Calendar WD version 1.1.21 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity
No CVSS data available.
CWE
- Cross-site scripting
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://jvn.jp/en/jp/JVN75738023/index.html | third-party-advisoryx_refsource_JVN |
| https://wpvulndb.com/vulnerabilities/9199 | x_refsource_MISC |
| https://plugins.trac.wordpress.org/changeset/1961423/ | x_refsource_MISC |
| https://wordpress.org/plugins/event-calendar-wd/#… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Web-Dorado | Event Calendar WD version |
Affected:
1.1.21 and earlier
|
Date Public
2019-01-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:17:38.214Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#75738023",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN75738023/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpvulndb.com/vulnerabilities/9199"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/1961423/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wordpress.org/plugins/event-calendar-wd/#developers"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Event Calendar WD version",
"vendor": "Web-Dorado",
"versions": [
{
"status": "affected",
"version": "1.1.21 and earlier"
}
]
}
],
"datePublic": "2019-01-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in Event Calendar WD version 1.1.21 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-10T10:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#75738023",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN75738023/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpvulndb.com/vulnerabilities/9199"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://plugins.trac.wordpress.org/changeset/1961423/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wordpress.org/plugins/event-calendar-wd/#developers"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2018-16164",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Event Calendar WD version",
"version": {
"version_data": [
{
"version_value": "1.1.21 and earlier"
}
]
}
}
]
},
"vendor_name": "Web-Dorado"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting vulnerability in Event Calendar WD version 1.1.21 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#75738023",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN75738023/index.html"
},
{
"name": "https://wpvulndb.com/vulnerabilities/9199",
"refsource": "MISC",
"url": "https://wpvulndb.com/vulnerabilities/9199"
},
{
"name": "https://plugins.trac.wordpress.org/changeset/1961423/",
"refsource": "MISC",
"url": "https://plugins.trac.wordpress.org/changeset/1961423/"
},
{
"name": "https://wordpress.org/plugins/event-calendar-wd/#developers",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/event-calendar-wd/#developers"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2018-16164",
"datePublished": "2019-01-09T22:00:00.000Z",
"dateReserved": "2018-08-30T00:00:00.000Z",
"dateUpdated": "2024-08-05T10:17:38.214Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}