Lucene search
+L

453 matches found

RedhatCVE
RedhatCVE
added 2025/02/04 11:7 p.m.7 views

CVE-2024-0692

The SolarWinds Security Event Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an unauthenticated user to abuse SolarWinds’ service, resulting in remote code execution...

8.8CVSS8.2AI score0.92245EPSS
Exploits1References1
NVD
NVD
added 2025/01/31 6:15 a.m.22 views

CVE-2024-13216

The HT Event – WordPress Event Manager Plugin for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.7 via the 'render' function in /includes/widgets/hteventsponsor.php. This makes it possible for authenticated attackers, with...

4.3CVSS0.00306EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/31 12:0 a.m.13 views

PT-2025-2071 · WordPress · Ht Event – Wordpress Event Manager Plugin For Elementor

Name of the Vulnerable Software and Affected Versions: The HT Event – WordPress Event Manager Plugin for Elementor plugin for WordPress versions up to, and including, 1.4.7 Description: The issue allows authenticated attackers with Contributor-level access and above to extract sensitive private,...

4.3CVSS9AI score0.00306EPSS
Exploits0References7
Patchstack
Patchstack
added 2024/12/30 5:57 p.m.8 views

WordPress HT Event – WordPress Event Manager Plugin for Elementor Plugin <= 1.4.6 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin HT Event versions = 1.4.6...

7.1CVSS6.1AI score0.00257EPSS
Exploits0Affected Software1
SUSE CVE
SUSE CVE
added 2024/12/13 12:21 a.m.4 views

SUSE CVE-2024-52309

SFTPGo is a full-featured and highly configurable SFTP, HTTP/S, FTP/S and WebDAV server - S3, Google Cloud Storage, Azure Blob. One powerful feature of SFTPGo is the ability to have the EventManager execute scripts or run applications in response to certain events. This feature is very common in...

5.1CVSS7.1AI score0.00598EPSS
Exploits0References3
NVD
NVD
added 2024/12/09 1:15 p.m.21 views

CVE-2023-23975

Missing Authorization vulnerability in Fullworks Quick Event Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Event Manager: from n/a through 9.7.4...

5.3CVSS0.0064EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/09 11:31 a.m.19 views

CVE-2023-23975 WordPress Quick Event Manager plugin <= 9.7.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in brightvesseldev Quick Event Manager quick-event-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Event Manager: from n/a through = 9.7.4...

5.3CVSS5.8AI score0.0064EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/09 11:31 a.m.25 views

CVE-2023-23975 WordPress Quick Event Manager plugin <= 9.7.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Fullworks Quick Event Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Event Manager: from n/a through 9.7.4...

5.3CVSS0.0064EPSS
Exploits0References1
CVE
CVE
added 2024/12/09 11:31 a.m.56 views

CVE-2023-23975

The CVE-2023-23975 entry concerns the WordPress Quick Event Manager plugin (versions

5.3CVSS5.1AI score0.0064EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/09 12:0 a.m.7 views

WordPress plugin Quick Event Manager 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...

5.3CVSS6.8AI score0.0064EPSS
Exploits0References1
NVD
NVD
added 2024/12/02 2:15 p.m.25 views

CVE-2024-53721

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Stachethemes Advanced Event Manager advanced-event-manager allows Stored XSS.This issue affects Advanced Event Manager: from n/a through = 1.1.6...

6.5CVSS0.003EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/02 1:48 p.m.34 views

CVE-2024-53721 WordPress Advanced Event Manager plugin <= 1.1.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Stachethemes Advanced Event Manager advanced-event-manager allows Stored XSS.This issue affects Advanced Event Manager: from n/a through = 1.1.6...

6.5CVSS0.003EPSS
Exploits0References1
CVE
CVE
added 2024/12/02 1:48 p.m.41 views

CVE-2024-53721

CVE-2024-53721 concerns the WordPress plugin Advanced Event Manager (versions up to and including 1.1.6). The connected sources document a Cross-Site Scripting (XSS) vulnerability caused by improper input neutralization during web page generation, enabling stored XSS. CVSS in the initial entry in...

6.5CVSS7.2AI score0.003EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/02 1:48 p.m.19 views

CVE-2024-53721 WordPress Advanced Event Manager plugin <= 1.1.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Stachethemes Advanced Event Manager allows Stored XSS.This issue affects Advanced Event Manager: from n/a through 1.1.6...

6.5CVSS6.7AI score0.003EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/02 12:0 a.m.4 views

WordPress plugin Advanced Event Manager 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

6.5CVSS7.6AI score0.003EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/11/22 4:9 p.m.4 views

WordPress Advanced Event Manager plugin <= 1.1.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Advanced Event Manager versions = 1.1.6...

6.5CVSS6.1AI score0.003EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/11/22 12:0 a.m.13 views

WordPress Advanced Event Manager Plugin <= 1.1.6 is vulnerable to Cross Site Scripting (XSS)

Software Advanced Event Manager Type Plugin Vulnerable versions = 1.1.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-53721 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 46c5eb1a6448 Credits SOPROBRO Required privilege...

6.5AI score0.003EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/11/21 12:0 a.m.4 views

PT-2024-35169 · Sftpgo · Sftpgo

Name of the Vulnerable Software and Affected Versions: SFTPGo versions prior to 2.6.3 Description: SFTPGo has a feature that allows the EventManager to execute scripts or run applications in response to certain events. However, any SFTPGo administrator with permission to run a script has access t...

7.7CVSS7.5AI score0.00598EPSS
Exploits0References16
NVD
NVD
added 2024/10/24 12:15 p.m.11 views

CVE-2024-49703

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in magepeopleteam WpEvently mage-eventpress.This issue affects WpEvently: from n/a through = 4.2.5...

6.5CVSS0.00235EPSS
Exploits0References1
CVE
CVE
added 2024/10/24 12:11 p.m.51 views

CVE-2024-49703

CVE-2024-49703 affects the WordPress plugin Event Manager for WooCommerce (MagePeople) up to version 4.2.5. It is a Stored XSS caused by improper input neutralization during web page generation. Impact: stored cross‑site scripting vulnerability (Medium severity; CVSS 3.1 base score 6.5). Remediat...

6.5CVSS5.9AI score0.00235EPSS
Exploits0References1
Rows per page
Query Builder