CVE-2024-7982

Name of the Vulnerable Software and Affected Versions: Registrations for the Events Calendar WordPress plugin versions prior to 2.12.4

Description: The issue concerns a failure to sanitise and escape certain parameters when accepting event registrations, potentially allowing unauthenticated users to perform Cross-Site Scripting attacks.

Recommendations: For versions prior to 2.12.4, update to version 2.12.4 or later to resolve the issue. As a temporary workaround, consider restricting access to event registration functionality until the update is applied.