CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

RedhatCVE•added 2025/12/19 7:32 a.m.•3 views

CVE-2025-12976

The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'eventslistgrouped' shortcode in all versions up to, and including, 7.2.2.1 due to insufficient input sanitization and output escaping on user supplied...

6.4CVSS5AI score0.00046EPSS

Exploits0References1

CVE•added 2025/12/18 7:20 a.m.•11 views

CVE-2025-12976

CVE-2025-12976 — Events Manager for WordPress has a stored cross-site scripting vulnerability in the shortcode [events_list_grouped], caused by insufficient input sanitization and output escaping on user-provided attributes. Affected plugin versions are up to 7.2.2.1. The issue enables an authent...

6.4CVSS4.7AI score0.00046EPSS

Exploits0References6

EUVD•added 2025/12/18 7:20 a.m.•2 views

EUVD-2025-204249

6.4CVSS4.7AI score0.00046EPSS

Exploits0References7

Positive Technologies•added 2025/12/18 12:0 a.m.•2 views

PT-2025-51997

Name of the Vulnerable Software and Affected Versions The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress versions through 7.2.2.1 Description The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is susceptible to Stored Cross-Site Scriptin...

6.4CVSS5.2AI score0.00046EPSS

Exploits0References8

Patchstack•added 2025/12/17 10:56 p.m.•5 views

WordPress Events Manager plugin <= 7.2.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'events_list_grouped' Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'eventslistgrouped' Shortcode vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Events Manager versions = 7.2.2.1...

6.4CVSS5.6AI score0.00046EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by