Cross-Site Scripting (XSS) Vulnerability in Events Manager Plugin for WordPress

Cross-Site Scripting (XSS) Vulnerability in Events Manager Plugin for WordPress

CVE-2018-9020 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:P/A:N

The Events Manager plugin before 5.8.1.2 for WordPress allows XSS via the events-manager.js mapTitle parameter in the Google Maps miniature.

Learn more about our Wordpress Pen Testing.