CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

444 matches found

Quick Event Manager < 9.7.5 - Cross-Site Scripting

The Quick Event Manager WordPress Plugin, version 9.7.5, is affected by a reflected cross-site scripting vulnerability in the 'category' parameter of its 'qemajaxcalendar' action. id: CVE-2023-23491 info: name: Quick Event Manager 9.7.5 - Cross-Site Scripting author: ritikchaddha severity: medium...

6.1CVSS6.2AI score0.11089EPSS

Exploits2References4

Nuclei•added 2026/05/24 3:10 p.m.•23 views

SolarWinds Security Event Manager - Unauthenticated RCE

The SolarWinds Security Event Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an unauthenticated user to abuse SolarWinds’ service, resulting in remote code execution. id: CVE-2024-0692 info: name: SolarWinds Security Event Manager - Unauthenticated RCE...

8.8CVSS7.6AI score0.78297EPSS

Exploits1References1

CNNVD•added 2026/05/14 12:0 a.m.•3 views

WordPress plugin My Calendar – Accessible Event Manager 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.3CVSS5.8AI score0.00017EPSS

Exploits0References1

GithubExploit•added 2026/05/01 1:24 a.m.•52 views

sigma_rule_for_copyfail

Copy Fail Detection — CVE-2026-31431 Detection engineering pr...

7.8CVSS6AI score0.02235EPSS

Exploits225

CNNVD•added 2026/03/04 12:0 a.m.•2 views

WordPress plugin My Calendar – Accessible Event Manager 跨站脚本漏洞

6.4CVSS5.7AI score0.00017EPSS

Exploits0References7

GithubExploit•added 2026/01/13 3:5 p.m.•146 views

Exploit for Deserialization of Untrusted Data in Solarwinds Security_Event_Manager

CVE-...

8.8CVSS7.1AI score0.78297EPSS

Exploits1

RedhatCVE•added 2026/01/09 10:45 a.m.•5 views

CVE-2022-0478

The Event Manager and Tickets Selling for WooCommerce WordPress plugin before 3.5.8 does not validate and escape the postauthorgutenberg parameter before using it in a SQL statement when creating/editing events, which could allow users with a role as low as contributor to perform SQL Injection...

8.8CVSS7.7AI score0.00582EPSS

Exploits2References1

RedhatCVE•added 2026/01/09 9:28 a.m.•5 views

CVE-2023-49181

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Event Manager WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce allows Stored XSS.This issue affects WP Event Manager – Events Calendar, Registrations, Sell Ticket...

5.9CVSS6.7AI score0.00118EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:13 a.m.•1 views

CVE-2024-2691

The WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'events' shortcode in all versions up to, and including, 3.1.43 due to insufficient input sanitization and output escaping on use...

6.4CVSS5AI score0.00201EPSS

Exploits0References1