Known Vulnerabilities for products from Webnus
Listed below are 16 of the newest known vulnerabilities associated with the vendor "Webnus".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2024-5441 json | The Modern Events Calendar plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation i... | Not Provided | 2024-07-09 | 2026-04-08 |
| CVE-2023-4021 json | The Modern Events Calendar lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Google API key and Cale... | Not Provided | 2023-10-20 | 2026-04-08 |
| CVE-2023-1400 json | The Modern Events Calendar Lite WordPress plugin before 6.5.2 does not sanitise and escape some of its settings, which could ... | 4.8 - MEDIUM | 2023-03-27 | 2023-11-07 |
| CVE-2022-30533 json | Cross-site scripting vulnerability in Modern Events Calendar Lite versions prior to 6.3.0 allows remote an authenticated atta... | 5.4 - MEDIUM | 2022-06-16 | 2022-06-27 |
| CVE-2022-27848 json | Authenticated (admin+ user) Stored Cross-Site Scripting (XSS) in Modern Events Calendar Lite (WordPress plugin) <= 6.5.1 | 4.8 - MEDIUM | 2022-04-14 | 2022-04-22 |
| CVE-2022-0364 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.4 - MEDIUM | 2022-03-21 | 2022-03-28 |
| CVE-2021-25046 json | The Modern Events Calendar Lite WordPress plugin before 6.2.0 alloed any logged-in user, even a subscriber user, may add a ca... | 5.4 - MEDIUM | 2022-01-17 | 2022-01-24 |
| CVE-2021-24946 json | The Modern Events Calendar Lite WordPress plugin before 6.1.5 does not sanitise and escape the time parameter before using it... | 9.8 - CRITICAL | 2021-12-13 | 2022-02-04 |
| CVE-2021-24925 json | The Modern Events Calendar Lite WordPress plugin before 6.1.5 does not sanitise and escape the current_month_divider paramete... | 6.1 - MEDIUM | 2021-12-13 | 2021-12-15 |
| CVE-2021-24716 json | The Modern Events Calendar Lite WordPress plugin before 5.22.3 does not properly sanitize or escape values set by users with ... | 5.4 - MEDIUM | 2021-11-01 | 2021-11-02 |
| CVE-2021-24687 json | The Modern Events Calendar Lite WordPress plugin before 5.22.2 does not escape some of its settings before outputting them in... | 4.8 - MEDIUM | 2021-10-04 | 2021-10-08 |
| CVE-2021-24149 json | Unvalidated input in the Modern Events Calendar Lite WordPress plugin, versions before 5.16.6, did not sanitise the mec[post_... | 8.8 - HIGH | 2021-03-18 | 2021-03-23 |
| CVE-2021-24147 json | Unvalidated input and lack of output encoding in the Modern Events Calendar Lite WordPress plugin, versions before 5.16.5, di... | 5.4 - MEDIUM | 2021-03-18 | 2021-03-24 |
| CVE-2021-24146 json | Lack of authorisation checks in the Modern Events Calendar Lite WordPress plugin, versions before 5.16.5, did not properly re... | 7.5 - HIGH | 2021-03-18 | 2022-08-30 |
| CVE-2021-24145 json | Arbitrary file upload in the Modern Events Calendar Lite WordPress plugin, versions before 5.16.5, did not properly check the... | 7.2 - HIGH | 2021-03-18 | 2021-12-03 |
| CVE-2020-9459 json | Multiple Stored Cross-site scripting (XSS) vulnerabilities in the Webnus Modern Events Calendar Lite plugin through 5.1.6 for... | 5.4 - MEDIUM | 2020-02-28 | 2020-03-02 |
Known software with vulnerabilities from Webnus
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Webnus | Modern Events Calendar Lite | 3.1.0 |