WordPress Event Made Easy Plugin Cross Site Scripting Vulnerability

  Severity: MEDIUM

  DESCRIPTION

A Cross Site Scripting vulnerability has been found in the Events Made Easy WordPress plugin. By using this issue an attacker can create a specially crafted event which, when posted to WordPress, injects malicious JavaScript code into the application. This code will execute within the browser of any user who views the relevant application content.

  TREND MICRO PROTECTION INFORMATION

Apply associated Trend Micro DPI Rules.

  SOLUTION

  Trend Micro Deep Security DPI Rule Number: 1000552

Featured Stories