CVE-2023-23491

Summary

The Quick Event Manager WordPress Plugin, version < 9.7.5, is affected by a reflected cross-site scripting vulnerability in the 'category' parameter of its 'qem_ajax_calendar' action.

Affected Software

VendorProductVersion RangeStatus
n/aQuick Event Manager WordPress Plugin< 9.7.5affected

Weaknesses

  • Reflected Cross-Site Scripting

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: yes
    • Technical Impact: total

References