Security Advisory

CVE-2022-25612

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-03-25 18:02:36

Last updated 2026-04-28 16:07:39

Assigner Patchstack

State PUBLISHED

Description

Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities in Simple Event Planner WordPress plugin <= 1.5.4 allows user with author or higher user rights inject the malicious code via vulnerable parameters: &custom[event_organiser], &custom[organiser_email], &custom[organiser_contact].

← Browse all CVEs View on cve.org ↗