cleantalk
Vulnerabilities and Security Researches

XO Event Calendar, 92562c6c-94a4-427d-97dc-7f5ffddcb6d8

CVE, Research URL

92562c6c-94a4-427d-97dc-7f5ffddcb6d8

Home page URL

Security reports for XO Event Calendar

Application

XO Event Calendar

Published on
-
Research Description
XO Event Calendar [xo-event-calendar] < 2.3.7 (closed) XO Event Calendar &lt; 2.3.7 - Reflected Cross-Site Scripting The plugin does not escape the selected-name parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting issue
Affected versions
max 2.3.7.
Status
vulnerable
Previous vulnerability researches
XO Event Calendar (CVE-2026-0556) , Apr 16, 2026
XO Event Calendar (92562c6c-94a4-427d-97dc-7f5ffddcb6d8) , Jun 07, 2024
New vulnerability
AMP Enhancer &#8211; Compatibility Layer for Official AMP Plugin (CVE-2026-2027) , Apr 16, 2026
WaveSurfer-WP (CVE-2026-1909) , Apr 16, 2026
xmlrpc attacks blocker (CVE-2026-2502) , Apr 16, 2026
Templately – Gutenberg &amp; Elementor Template Library: 5000+ Free &amp; Pro Ready Templates &amp; Cloud! (CVE-2026-0831) , Apr 16, 2026
iRobots.txt SEO (CVE-2025-68840) , Apr 16, 2026