Security Advisory

CVE-2022-25611

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-03-25 18:02:35

Last updated 2026-04-28 16:07:39

Assigner Patchstack

State PUBLISHED

Description

Authenticated Stored Cross-Site Scripting (XSS) in Simple Event Planner plugin <= 1.5.4 allows attackers with contributor or higher user roles to inject the malicious script by using vulnerable parameter &custom[add_seg][].

← Browse all CVEs View on cve.org ↗