CVE-2026-8898 | ruchit47 Events In City Plugin up to 3.0 on WordPress Shortcode org_event_scode cross site scripting

A vulnerability has been found in ruchit47 Events In City Plugin up to 3.0 on WordPress and classified as problematic. The affected element is the function org_event_scode of the component Shortcode Handler. The manipulation of the argument organizer_id/width/height/transparency/header/border/layout leads to cross site scripting.

This vulnerability is documented as CVE-2026-8898. The attack can be initiated remotely. There is not any exploit available.VulDB Recent EntriesRead More