Approved changes feed: RSS · Atom

cpe:2.3:a:motopress:timetable_and_event_schedule:-:*:*:*:*:wordpress:*:*

part: a version: - update: *

VendorMotopress (6d317652-94c4-5c1f-ac88-5ca1ba2616b8)
ProductTimetable And Event Schedule (c35fd3b9-4559-57e6-80a3-5f840b13fad0)
Edition*
Language*
Software edition*
Target softwarewordpress
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
pkg:github/motopress/mp-timetable purl2cpe 2026-06-01 10:16:10.787539

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2022-2843 vulnerable 2026-06-08 05:43:36.603370 MotoPress Timetable and Event Schedule Quick Edit admin-ajax.php cross site scripting
LOW (3.5)
A vulnerability was found in MotoPress Timetable and Event Schedule. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /wp-admin/admin-ajax.php of the component Quick Edit. The manipulation of the argument post_title with the input <img src=x onerror=alert`2`> leads to cross site scripting. The attack may be launched remotely. VDB-206486 is the identifier assigned to this vulnerability.
Published: 2022-08-16T18:50:16.000Z
Updated: 2025-04-15T13:49:50.563Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.