157 matches found
PT-2023-28383 · WordPress · Eventprime
Name of the Vulnerable Software and Affected Versions: EventPrime WordPress plugin versions prior to 3.2.0 Description: The issue concerns a lack of CSRF checks when creating bookings. This could allow attackers to make logged-in users create unwanted bookings via CSRF attacks. Recommendations: F...
CVE-2023-45637
Unauth. Reflected Cross-Site Scripting XSS vulnerability in EventPrime EventPrime – Events Calendar, Bookings and Tickets plugin = 3.1.5 versions...
CVE-2023-45637 WordPress EventPrime Plugin <= 3.1.5 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting XSS vulnerability in EventPrime EventPrime – Events Calendar, Bookings and Tickets plugin = 3.1.5 versions...
CVE-2023-45637 WordPress EventPrime Plugin <= 3.1.5 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting XSS vulnerability in EventPrime EventPrime – Events Calendar, Bookings and Tickets plugin = 3.1.5 versions...
PT-2023-29613 · WordPress · Eventprime
Name of the Vulnerable Software and Affected Versions: EventPrime EventPrime – Events Calendar, Bookings and Tickets plugin versions = 3.1.5 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. No information is provided about the estimated number of...
WordPress EventPrime Plugin <= 3.1.5 is vulnerable to Cross Site Scripting (XSS)
Software EventPrime Type Plugin Vulnerable versions = 3.1.5 Fixed in 3.1.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-45637 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 7c19ecb3f3a7 Credits Phd Required privilege Unauthenticated...
CVE-2023-35884
Unauth. Reflected Cross-Site Scripting XSS vulnerability in EventPrime plugin = 3.0.5 versions...
CVE-2023-35884
Unauth. Reflected Cross-Site Scripting XSS vulnerability in EventPrime plugin = 3.0.5 versions...
Cross site scripting
Unauth. Reflected Cross-Site Scripting XSS vulnerability in EventPrime plugin = 3.0.5 versions...
CVE-2023-35884
CVE-2023-35884 affects the WordPress EventPrime Plugin prior to v3.0.6. It is an unauthenticated, reflected XSS vulnerability in versions ≤ 3.0.5, where input is not properly sanitized/escaped. Impact is reflected XSS leading to potential script execution in victims’ browsers. Fix: upgrade to v3....
PT-2023-25363 · Unknown · Eventprime
Name of the Vulnerable Software and Affected Versions: EventPrime plugin versions prior to 3.0.6 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This means that an attacker could potentially inject malicious scripts into a website, which would the...
WordPress EventPrime Plugin <= 3.0.5 is vulnerable to Cross Site Scripting (XSS)
Software EventPrime Type Plugin Vulnerable versions = 3.0.5 Fixed in 3.0.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-35884 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0d78f3844de4 Credits Le Ngoc Anh Required...
CVE-2023-33326
Unauth. Reflected XSS Cross-Site Scripting XSS vulnerability in EventPrime plugin = 2.8.6 versions...
CVE-2023-33326
Unauth. Reflected XSS Cross-Site Scripting XSS vulnerability in EventPrime plugin = 2.8.6 versions...
Cross site scripting
Unauth. Reflected XSS Cross-Site Scripting XSS vulnerability in EventPrime plugin = 2.8.6 versions...
CVE-2023-33326
CVE-2023-33326: Unauthenticated reflected XSS in WordPress EventPrime plugin ≤ 2.8.6. Affected: EventPrime (Modern Events Calendar, Bookings and Tickets) plugin. Root cause: reflected XSS in the plugin (details not fully disclosed in initial docs; multiple sources corroborate). Impact per PatchSt...
PT-2023-24295 · Unknown · Eventprime
Name of the Vulnerable Software and Affected Versions: EventPrime plugin versions = 2.8.6 Description: The issue is related to an Unauth. Reflected XSS Cross-Site Scripting XSS vulnerability. This means that an attacker can inject malicious scripts into a website, potentially allowing them to ste...