CVE-2017-2224

Name: CVE-2017-2224
Creator: NVD / NIST
Published: 2017-07-07T13:29:00.77+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 1.47%

Last modified Jun 17, 2026

CVE-2017-2224 is a vulnerability of currently unknown severity. Cross-site scripting vulnerability in Event Calendar WD prior to version 1.0.94 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.. EPSS estimates a 1.47% chance of exploitation in the next 30 days.

Description

Cross-site scripting vulnerability in Event Calendar WD prior to version 1.0.94 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Metrics

EPSS Probability

1.47%

70.3th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-79

Affected Software

Vendor	Product	Versions
Web-Dorado	Event Calendar Wd	<= 1.0.93

References

http://www.securityfocus.com/bid/99155Third Party Advisory, VDB Entry
https://jvn.jp/en/jp/JVN73550134/index.htmlThird Party Advisory, VDB Entry
https://plugins.trac.wordpress.org/changeset/1671891/#file313Release Notes, Third Party Advisory
https://wordpress.org/plugins/event-calendar-wd/#developersThird Party Advisory
https://wpvulndb.com/vulnerabilities/8859
http://www.securityfocus.com/bid/99155Third Party Advisory, VDB Entry
https://jvn.jp/en/jp/JVN73550134/index.htmlThird Party Advisory, VDB Entry
https://plugins.trac.wordpress.org/changeset/1671891/#file313Release Notes, Third Party Advisory
https://wordpress.org/plugins/event-calendar-wd/#developersThird Party Advisory
https://wpvulndb.com/vulnerabilities/8859

Timeline

Published: Jul 7, 2017
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2017-2224?

Cross-site scripting vulnerability in Event Calendar WD prior to version 1.0.94 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

How severe is CVE-2017-2224?

Severity scoring for CVE-2017-2224 is pending analysis. The EPSS model estimates a 1.47% probability of exploitation in the next 30 days.

How do I fix CVE-2017-2224?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2017-2224?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST