79 matches found
CVE-2013-7480
The events-manager plugin before 5.3.6.1 for WordPress has XSS via the booking form and admin areas...
CVE-2013-7479
The events-manager plugin before 5.3.9 for WordPress has XSS in the search form field...
CVE-2019-16523
The events-manager plugin through 5.9.5 for WordPress aka Events Manager is susceptible to Stored XSS due to improper encoding and insertion of data provided to the attribute mapstyle of shortcodes locationsmap and eventsmap provided by the plugin...
CVE-2024-2110
The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.4.7.1. This is due to missing or incorrect nonce validation on several actions. This makes it possible for unauthenticated attackers...
WordPress Events Manager Plugin Information Disclosure Vulnerability
WordPress Events Manager Plugin is a full-featured open source plugin designed for managing events on WordPress sites. WordPress Events Manager Plugin suffers from an information disclosure vulnerability that stems from an under-restricted getlocation operation, which can be exploited by an...
CVE-2025-12976
The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'eventslistgrouped' shortcode in all versions up to, and including, 7.2.2.1 due to insufficient input sanitization and output escaping on user supplied...
CVE-2025-12976
The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'eventslistgrouped' shortcode in all versions up to, and including, 7.2.2.1 due to insufficient input sanitization and output escaping on user supplied...
CVE-2025-12976 Events Manager <= 7.2.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'events_list_grouped' Shortcode
The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'eventslistgrouped' shortcode in all versions up to, and including, 7.2.2.1 due to insufficient input sanitization and output escaping on user supplied...
CVE-2025-12407
The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 7.2.2.2. This is due to missing or incorrect nonce validation on the 'locationdelete' action. This makes it possible for unauthenticat...
CVE-2025-12407
The CVE-2025-12407 vector is a CSRF flaw in the WordPress plugin Event s Manager – Calendar, Bookings, Tickets, and more! that exists in versions up to and including 7.2.2.2. The issue stems from missing or incorrect nonce validation on the location_delete action, which could allow unauthenticate...
CVE-2025-12407 Events Manager – Calendar, Bookings, Tickets, and more! <= 7.2.2.2 - Cross-Site Request Forgery to Location Deletion
The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 7.2.2.2. This is due to missing or incorrect nonce validation on the 'locationdelete' action. This makes it possible for unauthenticat...
CVE-2025-12408 Events Manager <= 7.2.2.2 - Unauthenticated Information Exposure
The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 7.2.2.2 via the 'getlocation' action due to insufficient restrictions on which locations can be included. This makes it possible for...
WordPress Events Manager – Calendar, Bookings, Tickets, and more! plugin <= 7.2.2.2 - Cross-Site Request Forgery to Location Deletion vulnerability
Cross-Site Request Forgery to Location Deletion vulnerability discovered by thinnawarth mathuros in WordPress Plugin Events Manager versions = 7.2.2.2...
EUVD-2015-9137
Malware in sbrugna...
EUVD-2013-7235
Malware in sbrugna...
EUVD-2020-22794
Malware in sbrugna...
EUVD-2015-9138
Malware in sbrugna...
EUVD-2013-7238
Malware in sbrugna...
EUVD-2013-7236
Malware in sbrugna...
EUVD-2015-9140
Malware in sbrugna...