WordPress Event Made Easy Plugin Cross Site Scripting Vulnerability
Publish Date: 29 de września de 2016
Severity: : Medium
DESCRIPTION
A Cross Site Scripting vulnerability has been found in the Events Made Easy WordPress plugin. By using this issue an attacker can create a specially crafted event which, when posted to WordPress, injects malicious JavaScript code into the application. This code will execute within the browser of any user who views the relevant application content.
INFORMATION EXPOSURE
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1000552