EUVD-2024-45095

Malicious code in bioql PyPI...

CVE-2024-50532

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jerin K Alexander Events Manager Pro – extended events-manager-pro-extended allows Reflected XSS.This issue affects Events Manager Pro – extended: from n/a through = 0.1...

CVE-2024-50532 WordPress Events Manager Pro – extended plugin <= 0.1 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jerin K Alexander Events Manager Pro – extended events-manager-pro-extended allows Reflected XSS.This issue affects Events Manager Pro – extended: from n/a through = 0.1...

CVE-2024-50532

CVE-2024-50532 affecting WordPress plugin Events Manager Pro – extended (versions

CVE-2024-50532 WordPress Events Manager Pro – extended plugin <= 0.1 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jerin K Alexander Events Manager Pro – extended events-manager-pro-extended allows Reflected XSS.This issue affects Events Manager Pro – extended: from n/a through = 0.1...

WordPress plugin Events Manager Pro – extended 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...

WordPress Events Manager Pro – extended plugin <= 0.1 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability

CSRF to Reflected Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Events Manager Pro – extended versions = 0.1...

WordPress Events Manager Pro – extended Plugin <= 0.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software Events Manager Pro – extended Type Plugin Vulnerable versions = 0.1 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-50532 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 6e38b5b027b3 Credits SOPROBRO...

WordPress Events Manager Pro plugin <= 2.6.7.1 - CSV Injection vulnerability

CSV Injection vulnerability found by Vishnupriya Ilango in WordPress Events Manager Pro plugin versions = 2.6.7.1. Solution Update the WordPress Events Manager Pro plugin to the latest available version at least 2.6.7.2...

Events Manager Pro < 2.6.7.2 - CSV Injection

The events-manager-pro WordPress plugin was affected by a CSV Injection security vulnerability...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Events Manager plugin before 5.3.5 and Events Manager Pro plugin before 2.2.9 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 scope parameter to index.php; 2 username, 3 dbemphone, 4 useremail, or 5...

CVE-2013-1407

The CVE-2013-1407 vulnerabilities affect the WordPress plugin Events Manager and the Events Manager Pro plugin, with multiple input vectors (scope, _wpnonce, user_name, dbem_phone, user_email, booking_comment) leading to XSS . Root cause: insufficient input validation/filtration in the index.php ...