CVE-2025-62042 WordPress Event post plugin <= 5.10.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bastien Ho Event post event-post.This issue affects Event post: from n/a through = 5.10.3...

WordPress plugin Event post 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

WordPress Event post plugin <= 5.10.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by muhammad yudha in WordPress Plugin Event post versions = 5.10.3...

EUVD-2025-8115

Malicious code in bioql PyPI...

EUVD-2024-17133

Malicious code in bioql PyPI...

WordPress plugin Event post 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

CVE-2024-1376

The Event post plugin for WordPress is vulnerable to unauthorized bulk metadata update due to a missing capability check on the savebulkdatas function in all versions up to, and including, 5.9.4. This makes it possible for authenticated attackers, with subscriber access or higher, to update...

WordPress plugin Event post 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability exis...

CVE-2025-2167

The Event post plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'eventslist' shortcodes in all versions up to, and including, 5.9.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2025-26923 WordPress Event post plugin <= 5.9.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bastien Ho Event post event-post allows Stored XSS.This issue affects Event post: from n/a through = 5.9.8...

CVE-2025-2167 Event post <= 5.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Event post plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'eventslist' shortcodes in all versions up to, and including, 5.9.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2025-2167

CVE-2025-2167 pertains to the WordPress plugin Event post. It enables a Stored Cross-Site Scripting (XSS) via the plugin’s events_list shortcode in all versions up to and including 5.9.9, due to insufficient input sanitization and output escaping on user-supplied attributes. The vulnerability req...

CVE-2025-2167 Event post <= 5.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Event post plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'eventslist' shortcodes in all versions up to, and including, 5.9.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

WordPress plugin Event post 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress Event post plugin <= 5.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin Event post versions = 5.9.9...

WordPress Event post plugin <= 5.9.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by preo Patchstack Alliance in WordPress Plugin Event post versions = 5.9.8...

CVE-2025-24585

CVE-2025-24585 is a stored XSS vulnerability in the WordPress plugin “Event post” (N.O.U.S. Open Useful and Simple Event post), affecting versions up to and including 5.9.7. The issue arises from improper neutralization of input during web page generation, allowing stored cross-site scripting. Pu...

WordPress Event post plugin <= 5.9.7 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis in WordPress Plugin Event post versions = 5.9.7...

WordPress plugin Event post 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress Event Post plugin <= 5.9.6 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin Event post versions = 5.9.6...