CVE-2021-24876

Name of the Vulnerable Software and Affected Versions: The Registrations for the Events Calendar WordPress plugin versions prior to 2.7.5

Description: The issue concerns a Reflected Cross-Site Scripting problem. It arises because the v parameter is not properly escaped before being outputted back in an attribute. This lack of escaping leads to potential scripting attacks.

Recommendations: For versions prior to 2.7.5, update to version 2.7.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the attribute that outputs the v parameter to minimize the risk of exploitation.