The Events Calendar WordPress plugin before 6.4.0.1 does not properly sanitize user-submitted content when rendering some views via AJAX.
2024-06-04T06:15:10.820
2025-05-29T20:21:42.117
Analyzed
CVSSv3.1: 9.1 (CRITICAL)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | stellarwp | the_events_calendar | < 6.4.0.1 | Yes |