CVE-2018-13137

Published: Apr 12, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

The Events Manager plugin 5.9.4 for WordPress has XSS via the dbem_event_reapproved_email_body parameter to the wp-admin/edit.php?post_type=event&page=events-manager-options URI.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://wordpress.org/plugins/events-manager/#developers

x_refsource_CONFIRM

https://gist.github.com/ansarisec/12737c207c0851d52865ed60c08891b7

x_refsource_MISC

https://ansawaf.blogspot.com/2019/04/cve-2018-13137-xss-in-events-manager.html

x_refsource_MISC

https://wpvulndb.com/vulnerabilities/9612

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-13137

Description

Affected Products

References