CVE-2025-22261

Published Jan 7, 2025

Last updated 6 days ago

Overview

Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Marcus (aka @msykes) WP FullCalendar wp-fullcalendar allows Stored XSS.This issue affects WP FullCalendar: from n/a through <= 1.5.
Source: audit@patchstack.com
NVD status: Awaiting Analysis

Weaknesses

audit@patchstack.com: CWE-79

Hype score: Not currently trending

CVE-2025-22261 Stored Cross-Site Scripting in Pixelite WP FullCalendar Versions <= 1.5 There's a Cross-site Scripting (XSS) vulnerability in Pixelite WP FullCalendar. This Stored XSS issue affects WP FullCalendar... https://t.co/kcEluVPvAm
@VulmonFeeds
7 Jan 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

References

Sources include official advisories and independent security research.