453 matches found
CVE-2024-0692
The SolarWinds Security Event Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an unauthenticated user to abuse SolarWinds’ service, resulting in remote code execution...
CVE-2024-13216
The HT Event – WordPress Event Manager Plugin for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.7 via the 'render' function in /includes/widgets/hteventsponsor.php. This makes it possible for authenticated attackers, with...
PT-2025-2071 · WordPress · Ht Event – Wordpress Event Manager Plugin For Elementor
Name of the Vulnerable Software and Affected Versions: The HT Event – WordPress Event Manager Plugin for Elementor plugin for WordPress versions up to, and including, 1.4.7 Description: The issue allows authenticated attackers with Contributor-level access and above to extract sensitive private,...
WordPress HT Event – WordPress Event Manager Plugin for Elementor Plugin <= 1.4.6 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin HT Event versions = 1.4.6...
SUSE CVE-2024-52309
SFTPGo is a full-featured and highly configurable SFTP, HTTP/S, FTP/S and WebDAV server - S3, Google Cloud Storage, Azure Blob. One powerful feature of SFTPGo is the ability to have the EventManager execute scripts or run applications in response to certain events. This feature is very common in...
CVE-2023-23975
Missing Authorization vulnerability in Fullworks Quick Event Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Event Manager: from n/a through 9.7.4...
CVE-2023-23975 WordPress Quick Event Manager plugin <= 9.7.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in brightvesseldev Quick Event Manager quick-event-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Event Manager: from n/a through = 9.7.4...
CVE-2023-23975 WordPress Quick Event Manager plugin <= 9.7.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in Fullworks Quick Event Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Event Manager: from n/a through 9.7.4...
CVE-2023-23975
The CVE-2023-23975 entry concerns the WordPress Quick Event Manager plugin (versions
WordPress plugin Quick Event Manager 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...
CVE-2024-53721
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Stachethemes Advanced Event Manager advanced-event-manager allows Stored XSS.This issue affects Advanced Event Manager: from n/a through = 1.1.6...
CVE-2024-53721 WordPress Advanced Event Manager plugin <= 1.1.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Stachethemes Advanced Event Manager advanced-event-manager allows Stored XSS.This issue affects Advanced Event Manager: from n/a through = 1.1.6...
CVE-2024-53721
CVE-2024-53721 concerns the WordPress plugin Advanced Event Manager (versions up to and including 1.1.6). The connected sources document a Cross-Site Scripting (XSS) vulnerability caused by improper input neutralization during web page generation, enabling stored XSS. CVSS in the initial entry in...
CVE-2024-53721 WordPress Advanced Event Manager plugin <= 1.1.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Stachethemes Advanced Event Manager allows Stored XSS.This issue affects Advanced Event Manager: from n/a through 1.1.6...
WordPress plugin Advanced Event Manager 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...
WordPress Advanced Event Manager plugin <= 1.1.6 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Advanced Event Manager versions = 1.1.6...
WordPress Advanced Event Manager Plugin <= 1.1.6 is vulnerable to Cross Site Scripting (XSS)
Software Advanced Event Manager Type Plugin Vulnerable versions = 1.1.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-53721 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 46c5eb1a6448 Credits SOPROBRO Required privilege...
PT-2024-35169 · Sftpgo · Sftpgo
Name of the Vulnerable Software and Affected Versions: SFTPGo versions prior to 2.6.3 Description: SFTPGo has a feature that allows the EventManager to execute scripts or run applications in response to certain events. However, any SFTPGo administrator with permission to run a script has access t...
CVE-2024-49703
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in magepeopleteam WpEvently mage-eventpress.This issue affects WpEvently: from n/a through = 4.2.5...
CVE-2024-49703
CVE-2024-49703 affects the WordPress plugin Event Manager for WooCommerce (MagePeople) up to version 4.2.5. It is a Stored XSS caused by improper input neutralization during web page generation. Impact: stored cross‑site scripting vulnerability (Medium severity; CVSS 3.1 base score 6.5). Remediat...