CVE-2020-23762 Stored XSS vulnerability in the Larsens Calender plugin Version <= 1.2 for WordPress

1) install Larsens Calender version 1.2

2) goto “kalender” and click “Eintrage hinzufugen” and add xss payload on the “Titel” column and save by clicking “hinzufugen”

3) now go to “kalender” tab and see the XSS getting popped up

Leave a Reply

Your email address will not be published. Required fields are marked *