CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

452 matches found

Quick Event Manager < 9.7.5 - Cross-Site Scripting

The Quick Event Manager WordPress Plugin, version 9.7.5, is affected by a reflected cross-site scripting vulnerability in the 'category' parameter of its 'qemajaxcalendar' action. id: CVE-2023-23491 info: name: Quick Event Manager 9.7.5 - Cross-Site Scripting author: ritikchaddha severity: medium...

6.1CVSS6.2AI score0.01179EPSS

Exploits2References4

Nuclei•added 2026/06/16 7:13 a.m.•27 views

SolarWinds Security Event Manager - Unauthenticated RCE

The SolarWinds Security Event Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an unauthenticated user to abuse SolarWinds’ service, resulting in remote code execution. id: CVE-2024-0692 info: name: SolarWinds Security Event Manager - Unauthenticated RCE...

8.8CVSS8.6AI score0.91557EPSS

Exploits1References1

CVE•added 2026/06/11 7:5 a.m.•28 views

CVE-2024-32110

CVE-2024-32110 is a CSRF vulnerability in the WordPress plugin Event Manager and Tickets Selling Plugin for WooCommerce (WpEvently) for versions up to 4.1.2. The connected Wordfence listing confirms the issue exists and notes a patch status of Patched, indicating a fix has been applied by the ven...

4.3CVSS5.4AI score0.001EPSS

Exploits0References1

Cvelist•added 2026/06/11 7:5 a.m.•27 views

CVE-2024-32110 WordPress Event Manager and Tickets Selling Plugin for WooCommerce plugin <= 4.1.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site request forgery CSRF vulnerability in Magepeople inc. WpEvently allows Cross Site Request Forgery. This issue affects WpEvently: from n/a through 4.1.2...

4.3CVSS0.001EPSS

Exploits0References1

Vulnrichment•added 2026/06/11 7:5 a.m.•7 views

CVE-2024-32110 WordPress Event Manager and Tickets Selling Plugin for WooCommerce plugin <= 4.1.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site request forgery CSRF vulnerability in Magepeople inc. WpEvently allows Cross Site Request Forgery. This issue affects WpEvently: from n/a through 4.1.2...

4.3CVSS5.4AI score0.001EPSS

Exploits0References1

Patchstack•added 2026/06/05 12:0 a.m.•5 views

WordPress Event Monster – Event Manager, Ticket Booking & Registration plugin <= 2.1.0 - Unauthenticated Insufficient Verification of Data Authenticity to Payment Bypass vulnerability

Unauthenticated Insufficient Verification of Data Authenticity to Payment Bypass vulnerability discovered by NAKLEH ZEIDAN in WordPress Plugin Event Management Tickets Booking versions = 2.1.0...

5.3CVSS5.5AI score0.00165EPSS

Exploits0References1Affected Software1

CNNVD•added 2026/05/14 12:0 a.m.•9 views

WordPress plugin My Calendar – Accessible Event Manager 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.3CVSS5.8AI score0.00341EPSS

Exploits0References1

GithubExploit•added 2026/05/01 1:24 a.m.•78 views

sigma_rule_for_copyfail

Copy Fail Detection — CVE-2026-31431 Detection engineering pr...

7.8CVSS6AI score0.96775EPSS

Exploits228

CNNVD•added 2026/03/04 12:0 a.m.•4 views

WordPress plugin My Calendar – Accessible Event Manager 跨站脚本漏洞

6.4CVSS5.7AI score0.00276EPSS

Exploits0References7

GithubExploit•added 2026/01/13 3:5 p.m.•172 views

Exploit for Deserialization of Untrusted Data in Solarwinds Security_Event_Manager

CVE-...

8.8CVSS7.1AI score0.91557EPSS

Exploits1

RedhatCVE•added 2026/01/09 10:45 a.m.•16 views

CVE-2022-0478

The Event Manager and Tickets Selling for WooCommerce WordPress plugin before 3.5.8 does not validate and escape the postauthorgutenberg parameter before using it in a SQL statement when creating/editing events, which could allow users with a role as low as contributor to perform SQL Injection...

8.8CVSS7.7AI score0.01511EPSS

Exploits2References1

RedhatCVE•added 2026/01/09 9:28 a.m.•7 views

CVE-2023-49181

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Event Manager WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce allows Stored XSS.This issue affects WP Event Manager – Events Calendar, Registrations, Sell Ticket...

5.9CVSS6.7AI score0.00382EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:13 a.m.•3 views

CVE-2024-2691

The WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'events' shortcode in all versions up to, and including, 3.1.43 due to insufficient input sanitization and output escaping on use...

6.4CVSS5AI score0.00298EPSS

Exploits0References1