CVE-2025-1024 | ChurchCRM 5.13.0 EditEventAttendees.php EID cross site scripting

Inserito da Angelo Barbosa | Feb 19, 2025 | CVE

A vulnerability has been found in ChurchCRM 5.13.0 and classified as problematic. This vulnerability affects unknown code of the file EditEventAttendees.php. The manipulation of the argument EID leads to cross site scripting.

This vulnerability was named CVE-2025-1024. The attack can be initiated remotely. There is no exploit available.

CVE-2025-1024 | ChurchCRM 5.13.0 EditEventAttendees.php EID cross site scripting

Post correlati

CVE-2024-3922 | Dokan Pro up to 3.10.3 on WordPress sql injection

CVE-2023-50449 | JFinalCMS 5.0.0 /common/down/file fileKey path traversal

CVE-2024-35629 | Wow-Company Easy Digital Downloads Plugin up to 1.0.2 on WordPress filename control

CVE-2024-51679 | GentleSource Appointmind Plugin up to 4.0.0 on WordPress cross-site request forgery