Lucene search
K

452 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 5:11 a.m.8 views

CVE-2023-23974

Cross-Site Request Forgery CSRF vulnerability in Fullworks Quick Event Manager plugin = 9.7.4 affecting all registration actions delete, delete all, edit, update...

5.4CVSS7.1AI score0.00234EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:3 a.m.11 views

CVE-2023-36383

Auth. editor+ Stored Cross-Site Scripting XSS vulnerability in MagePeople Team Event Manager and Tickets Selling Plugin for WooCommerce plugin = 3.9.5 versions...

5.9CVSS5.7AI score0.00286EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 3:18 a.m.3 views

CVE-2023-23491

The Quick Event Manager WordPress Plugin, version 9.7.5, is affected by a reflected cross-site scripting vulnerability in the 'category' parameter of its 'qemajaxcalendar' action...

6.1CVSS6.2AI score0.01179EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:39 a.m.5 views

CVE-2023-23979

Unauth. Stored Cross-Site Scripting XSS vulnerability in Fullworks Quick Event Manager plugin = 9.7.4 versions...

7.1CVSS5.2AI score0.00406EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:10 a.m.11 views

CVE-2023-23975

Missing Authorization vulnerability in Fullworks Quick Event Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Event Manager: from n/a through 9.7.4...

5.3CVSS5.1AI score0.0064EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:57 a.m.9 views

CVE-2023-47697

Unauth. Reflected Cross-Site Scripting XSS vulnerability in WP Event Manager WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce plugin = 3.1.39 versions...

7.1CVSS5.9AI score0.00437EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:49 a.m.10 views

CVE-2022-46863

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Fullworks Quick Event Manager plugin = 9.6.4 versions...

5.9CVSS5.6AI score0.00369EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:18 p.m.12 views

CVE-2022-1474

The WP Event Manager WordPress plugin before 3.1.28 does not sanitise and escape its search before outputting it back in an attribute on the event dashboard, leading to a Reflected Cross-Site Scripting...

6.1CVSS6.5AI score0.00796EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:23 p.m.9 views

CVE-2021-24810

The WP Event Manager WordPress plugin before 3.1.23 does not escape some of its Field Editor settings when outputting them, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS6AI score0.00588EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:53 a.m.4 views

CVE-2017-7646

SolarWinds Log & Event Manager LEM before 6.3.1 Hotfix 4 allows an authenticated user to browse the server's filesystem and read the contents of arbitrary files contained within...

6.5CVSS6.8AI score0.01209EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 12:50 a.m.6 views

CVE-2015-7839

SolarWinds Log and Event Manager LEM allows remote attackers to execute arbitrary commands on managed computers via a request to services/messagebroker/nonsecurestreamingamf involving the traceroute functionality...

7.5CVSS7.9AI score0.06854EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/10 6:26 a.m.22 views

CVE-2025-3419

The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 4.0.26 via the proxyimage function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on...

7.5CVSS7.3AI score0.00609EPSS
Exploits1References1
NVD
NVD
added 2025/05/08 6:15 a.m.24 views

CVE-2025-3419

The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 4.0.26 via the proxyimage function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on...

7.5CVSS0.00609EPSS
Exploits1References2
CVE
CVE
added 2025/05/08 5:22 a.m.91 views

CVE-2025-3419

CVE-2025-3419 affects the WordPress plugin family “Event Manager, Events Calendar, Tickets, Registrations – Eventin” (

7.5CVSS7.3AI score0.00609EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2025/05/08 5:22 a.m.34 views

CVE-2025-3419 Event Manager, Events Calendar, Tickets, Registrations – Eventin <= 4.0.26 - Unauthenticated Arbitrary File Read

The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 4.0.26 via the proxyimage function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on...

7.5CVSS0.00609EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/05/08 5:22 a.m.16 views

CVE-2025-3419 Event Manager, Events Calendar, Tickets, Registrations – Eventin <= 4.0.26 - Unauthenticated Arbitrary File Read

The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 4.0.26 via the proxyimage function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on...

7.5CVSS7.4AI score0.00609EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/04/17 3:48 p.m.22 views

CVE-2025-24624 WordPress HT Event – WordPress Event Manager Plugin for Elementor Plugin <= 1.4.6 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DevItems HT Event ht-event allows Reflected XSS.This issue affects HT Event: from n/a through = 1.4.6...

7.1CVSS0.00257EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/06 5:28 p.m.17 views

CVE-2025-32225

Missing Authorization vulnerability in WP Event Manager WP Event Manager wp-event-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Event Manager: from n/a through = 3.2.0...

5.3CVSS7.2AI score0.00458EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/05 2:29 p.m.10 views

CVE-2025-31739

Missing Authorization vulnerability in Manuel Schmalstieg Minimalistic Event Manager minimalistic-event-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Minimalistic Event Manager: from n/a through = 1.1.1...

6.4CVSS7.2AI score0.0032EPSS
Exploits0References1
NVD
NVD
added 2025/04/04 4:15 p.m.15 views

CVE-2025-32225

Missing Authorization vulnerability in WP Event Manager WP Event Manager wp-event-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Event Manager: from n/a through = 3.2.0...

5.3CVSS0.00458EPSS
Exploits0References1
Rows per page
Query Builder