Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for Event Calendar WD version by Web-Dorado

    CVE-2018-16164 (GCVE-0-2018-16164)

    Vulnerability from nvd – Published: 2019-01-09 22:00 – Updated: 2024-08-05 10:17
    VLAI
    Summary
    Cross-site scripting vulnerability in Event Calendar WD version 1.1.21 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • Cross-site scripting
    Assigner
    Impacted products
    Vendor Product Version
    Web-Dorado Event Calendar WD version Affected: 1.1.21 and earlier
    Create a notification for this product.
    Date Public
    2019-01-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T10:17:38.214Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "JVN#75738023",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN75738023/index.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://wpvulndb.com/vulnerabilities/9199"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://plugins.trac.wordpress.org/changeset/1961423/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://wordpress.org/plugins/event-calendar-wd/#developers"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Event Calendar WD version",
              "vendor": "Web-Dorado",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.1.21 and earlier"
                }
              ]
            }
          ],
          "datePublic": "2019-01-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting vulnerability in Event Calendar WD version 1.1.21 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Cross-site scripting",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-01-10T10:57:01.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "name": "JVN#75738023",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "https://jvn.jp/en/jp/JVN75738023/index.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://wpvulndb.com/vulnerabilities/9199"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://plugins.trac.wordpress.org/changeset/1961423/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://wordpress.org/plugins/event-calendar-wd/#developers"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2018-16164",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Event Calendar WD version",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "1.1.21 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Web-Dorado"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting vulnerability in Event Calendar WD version 1.1.21 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Cross-site scripting"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "JVN#75738023",
                  "refsource": "JVN",
                  "url": "https://jvn.jp/en/jp/JVN75738023/index.html"
                },
                {
                  "name": "https://wpvulndb.com/vulnerabilities/9199",
                  "refsource": "MISC",
                  "url": "https://wpvulndb.com/vulnerabilities/9199"
                },
                {
                  "name": "https://plugins.trac.wordpress.org/changeset/1961423/",
                  "refsource": "MISC",
                  "url": "https://plugins.trac.wordpress.org/changeset/1961423/"
                },
                {
                  "name": "https://wordpress.org/plugins/event-calendar-wd/#developers",
                  "refsource": "MISC",
                  "url": "https://wordpress.org/plugins/event-calendar-wd/#developers"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2018-16164",
        "datePublished": "2019-01-09T22:00:00.000Z",
        "dateReserved": "2018-08-30T00:00:00.000Z",
        "dateUpdated": "2024-08-05T10:17:38.214Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-16164 (GCVE-0-2018-16164)

    Vulnerability from cvelistv5 – Published: 2019-01-09 22:00 – Updated: 2024-08-05 10:17
    VLAI
    Summary
    Cross-site scripting vulnerability in Event Calendar WD version 1.1.21 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • Cross-site scripting
    Assigner
    Impacted products
    Vendor Product Version
    Web-Dorado Event Calendar WD version Affected: 1.1.21 and earlier
    Create a notification for this product.
    Date Public
    2019-01-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T10:17:38.214Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "JVN#75738023",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN75738023/index.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://wpvulndb.com/vulnerabilities/9199"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://plugins.trac.wordpress.org/changeset/1961423/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://wordpress.org/plugins/event-calendar-wd/#developers"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Event Calendar WD version",
              "vendor": "Web-Dorado",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.1.21 and earlier"
                }
              ]
            }
          ],
          "datePublic": "2019-01-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting vulnerability in Event Calendar WD version 1.1.21 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Cross-site scripting",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-01-10T10:57:01.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "name": "JVN#75738023",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "https://jvn.jp/en/jp/JVN75738023/index.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://wpvulndb.com/vulnerabilities/9199"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://plugins.trac.wordpress.org/changeset/1961423/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://wordpress.org/plugins/event-calendar-wd/#developers"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2018-16164",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Event Calendar WD version",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "1.1.21 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Web-Dorado"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting vulnerability in Event Calendar WD version 1.1.21 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Cross-site scripting"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "JVN#75738023",
                  "refsource": "JVN",
                  "url": "https://jvn.jp/en/jp/JVN75738023/index.html"
                },
                {
                  "name": "https://wpvulndb.com/vulnerabilities/9199",
                  "refsource": "MISC",
                  "url": "https://wpvulndb.com/vulnerabilities/9199"
                },
                {
                  "name": "https://plugins.trac.wordpress.org/changeset/1961423/",
                  "refsource": "MISC",
                  "url": "https://plugins.trac.wordpress.org/changeset/1961423/"
                },
                {
                  "name": "https://wordpress.org/plugins/event-calendar-wd/#developers",
                  "refsource": "MISC",
                  "url": "https://wordpress.org/plugins/event-calendar-wd/#developers"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2018-16164",
        "datePublished": "2019-01-09T22:00:00.000Z",
        "dateReserved": "2018-08-30T00:00:00.000Z",
        "dateUpdated": "2024-08-05T10:17:38.214Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }