[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":4,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":11,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":17,"vulnerability-19503":24},[],["Island",5],{"key":6,"params":7,"result":9},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":8},"{}",{"head":10},{},["Island",12],{"key":13,"params":14,"result":15},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":8},{"head":16},{},["Island",18],{"key":19,"params":20,"result":22},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":21},"{\"text-color\":\"gray\"}",{"head":23},{},{"id":25,"detectable_with":26,"vuln_details":33,"vuln_id":50,"name":51,"published":52,"updated":34},19503,{"tool":27,"engine":30},{"id":28,"name":29},1,"Network Scanner",{"id":31,"name":32},3,"OpenVAS",{"id":25,"codename":34,"description":34,"severity":35,"risk_description":36,"public_description":37,"public_recommendation":38,"recommendation":34,"references":39,"cvssv3":42,"epss_score":43,"epss_percentile":44,"cve":45,"in_cisa_catalog":48,"date":49,"software_type":34,"vendor":34,"product":34,"ptt_exploit_capabilities":34},null,"medium","The following vulnerabilities exist: - CVE-2022-27848: Authenticated attackers with administrative privileges could inject arbitrary web scripts in pages, that will execute whenever a user accesses an injected page due to insufficient input sanitization and output escaping. - CVE-2023-1400: The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform stored cross-site scripting (XSS) attacks even when the unfiltered_html capability is disallowed.","The WordPress plugin Modern Events Calendar Lite is prone to multiple cross-site scripting (XSS) vulnerabilities.","Update to version 6.5.2 or later.",[40,41],"https://wpscan.com/vulnerability/ef2843d0-f84d-4093-a08b-342ed0848914/","https://wpscan.com/vulnerability/c7feceef-28f1-4cac-b124-4b95e3f17b07/",4.8,0.00288,0.522,[46,47],"CVE-2022-27848","CVE-2023-1400",false,"2022-04-14T00:00:00Z","NETSCAN-OPENVAS-1.3.6.1.4.1.25623.1.0.127596","WordPress Modern Events Calendar Lite Plugin \u003C 6.5.2 Multiple XSS Vulnerabilities","2023-10-24T00:00:00Z"]