Lucene search
K

157 matches found

Positive Technologies
Positive Technologies
added 2023/10/31 12:0 a.m.7 views

PT-2023-28383 · WordPress · Eventprime

Name of the Vulnerable Software and Affected Versions: EventPrime WordPress plugin versions prior to 3.2.0 Description: The issue concerns a lack of CSRF checks when creating bookings. This could allow attackers to make logged-in users create unwanted bookings via CSRF attacks. Recommendations: F...

4.3CVSS4.5AI score0.00231EPSS
Exploits2References4
OSV
OSV
added 2023/10/25 6:17 p.m.1 views

CVE-2023-45637

Unauth. Reflected Cross-Site Scripting XSS vulnerability in EventPrime EventPrime – Events Calendar, Bookings and Tickets plugin = 3.1.5 versions...

6.1CVSS7.3AI score0.00437EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/10/24 11:2 a.m.26 views

CVE-2023-45637 WordPress EventPrime Plugin <= 3.1.5 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in EventPrime EventPrime – Events Calendar, Bookings and Tickets plugin = 3.1.5 versions...

7.1CVSS6.4AI score0.00437EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/10/24 11:2 a.m.14 views

CVE-2023-45637 WordPress EventPrime Plugin <= 3.1.5 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in EventPrime EventPrime – Events Calendar, Bookings and Tickets plugin = 3.1.5 versions...

7.1CVSS6.1AI score0.00437EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/10/24 12:0 a.m.7 views

PT-2023-29613 · WordPress · Eventprime

Name of the Vulnerable Software and Affected Versions: EventPrime EventPrime – Events Calendar, Bookings and Tickets plugin versions = 3.1.5 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. No information is provided about the estimated number of...

7.1CVSS6.2AI score0.00437EPSS
Exploits0References4
Patchstack
Patchstack
added 2023/10/11 12:0 a.m.15 views

WordPress EventPrime Plugin <= 3.1.5 is vulnerable to Cross Site Scripting (XSS)

Software EventPrime Type Plugin Vulnerable versions = 3.1.5 Fixed in 3.1.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-45637 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 7c19ecb3f3a7 Credits Phd Required privilege Unauthenticated...

7.1CVSS6.5AI score0.00437EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/06/20 7:15 a.m.4 views

CVE-2023-35884

Unauth. Reflected Cross-Site Scripting XSS vulnerability in EventPrime plugin = 3.0.5 versions...

6.1CVSS5.8AI score0.00411EPSS
Exploits0References1
NVD
NVD
added 2023/06/20 7:15 a.m.27 views

CVE-2023-35884

Unauth. Reflected Cross-Site Scripting XSS vulnerability in EventPrime plugin = 3.0.5 versions...

7.1CVSS6.2AI score0.00411EPSS
Exploits0References1
Prion
Prion
added 2023/06/20 7:15 a.m.13 views

Cross site scripting

Unauth. Reflected Cross-Site Scripting XSS vulnerability in EventPrime plugin = 3.0.5 versions...

5.8CVSS6AI score0.00411EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/06/20 6:50 a.m.34 views

CVE-2023-35884

CVE-2023-35884 affects the WordPress EventPrime Plugin prior to v3.0.6. It is an unauthenticated, reflected XSS vulnerability in versions ≤ 3.0.5, where input is not properly sanitized/escaped. Impact is reflected XSS leading to potential script execution in victims’ browsers. Fix: upgrade to v3....

7.1CVSS6AI score0.00411EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/06/20 12:0 a.m.6 views

PT-2023-25363 · Unknown · Eventprime

Name of the Vulnerable Software and Affected Versions: EventPrime plugin versions prior to 3.0.6 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This means that an attacker could potentially inject malicious scripts into a website, which would the...

7.1CVSS5.8AI score0.00411EPSS
Exploits0References3
Patchstack
Patchstack
added 2023/06/19 12:0 a.m.23 views

WordPress EventPrime Plugin <= 3.0.5 is vulnerable to Cross Site Scripting (XSS)

Software EventPrime Type Plugin Vulnerable versions = 3.0.5 Fixed in 3.0.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-35884 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0d78f3844de4 Credits Le Ngoc Anh Required...

7.1CVSS5.6AI score0.00411EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2023/05/28 6:15 p.m.20 views

CVE-2023-33326

Unauth. Reflected XSS Cross-Site Scripting XSS vulnerability in EventPrime plugin = 2.8.6 versions...

7.1CVSS6.2AI score0.00382EPSS
Exploits0References1
OSV
OSV
added 2023/05/28 6:15 p.m.2 views

CVE-2023-33326

Unauth. Reflected XSS Cross-Site Scripting XSS vulnerability in EventPrime plugin = 2.8.6 versions...

6.1CVSS6.8AI score0.00382EPSS
Exploits0References1
Prion
Prion
added 2023/05/28 6:15 p.m.18 views

Cross site scripting

Unauth. Reflected XSS Cross-Site Scripting XSS vulnerability in EventPrime plugin = 2.8.6 versions...

5.8CVSS5.9AI score0.00382EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/05/28 5:42 p.m.39 views

CVE-2023-33326

CVE-2023-33326: Unauthenticated reflected XSS in WordPress EventPrime plugin ≤ 2.8.6. Affected: EventPrime (Modern Events Calendar, Bookings and Tickets) plugin. Root cause: reflected XSS in the plugin (details not fully disclosed in initial docs; multiple sources corroborate). Impact per PatchSt...

7.1CVSS6AI score0.00382EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/05/28 12:0 a.m.5 views

PT-2023-24295 · Unknown · Eventprime

Name of the Vulnerable Software and Affected Versions: EventPrime plugin versions = 2.8.6 Description: The issue is related to an Unauth. Reflected XSS Cross-Site Scripting XSS vulnerability. This means that an attacker can inject malicious scripts into a website, potentially allowing them to ste...

7.1CVSS6.2AI score0.00382EPSS
Exploits0References3
Rows per page
Query Builder