Lucene search
K

79 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2015-9140

Malware in sbrugna...

6.1CVSS6.3AI score0.00923EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2013-7235

Malware in sbrugna...

6.1CVSS6.3AI score0.00913EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2015-9139

Malware in sbrugna...

6.1CVSS6.3AI score0.00923EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-32078

Malicious code in bioql PyPI...

6.4CVSS6.4AI score0.00291EPSS
Exploits0References2
OSV
OSV
added 2025/07/09 11:15 p.m.6 views

CVE-2025-6976

The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 7.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes ...

5.4CVSS6AI score
Exploits0References8
OSV
OSV
added 2025/07/09 11:15 p.m.4 views

CVE-2025-6975

The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘calendarheader’ parameter in all versions up to, and including, 7.0.3 due to insufficient input sanitization and output escaping. This makes it possible for...

6.1CVSS6AI score
Exploits0References3
CVE
CVE
added 2025/07/09 10:22 p.m.40 views

CVE-2025-6975

CVE-2025-6975 concerns the WordPress plugin Events Manager – Calendar, Bookings, Tickets, and more! Affected versions up to 7.0.3 are vulnerable to Reflected Cross‑Site Scripting via the calendar_header parameter due to insufficient input sanitization and output escaping. Exploitation requires no...

6.1CVSS6.1AI score0.00251EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/07/09 10:22 p.m.7 views

CVE-2025-6970 Events Manager <= 7.0.3 - Unauthenticated SQL Injection via `orderby` Parameter

The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’ parameter in all versions up to, and including, 7.0.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

7.5CVSS7.1AI score0.55683EPSS
Exploits2References3
Cvelist
Cvelist
added 2025/07/09 10:22 p.m.31 views

CVE-2025-6970 Events Manager <= 7.0.3 - Unauthenticated SQL Injection via `orderby` Parameter

The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’ parameter in all versions up to, and including, 7.0.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

7.5CVSS0.55683EPSS
Exploits2References3
CNNVD
CNNVD
added 2025/07/09 12:0 a.m.15 views

WordPress plugin Events Manager SQL注入漏洞

WordPress Events Manager plugin is a full-featured event management tool that supports event registration, ticket sales, booking management and recurring event settings. The WordPress Events Manager plugin suffers from a SQL injection vulnerability that stems from the plugin's failure to adequate...

7.5CVSS7.5AI score0.55683EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2025/07/09 12:0 a.m.3 views

PT-2025-28966 · WordPress · Events Manager

Name of the Vulnerable Software and Affected Versions: Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress versions prior to 7.0.4 Description: The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is susceptible to Reflected Cross-Site Scriptin...

6.1CVSS5.9AI score0.00251EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/05/22 3:30 p.m.9 views

CVE-2020-35037

The Events Manager WordPress plugin before 5.9.8 does not sanitise and escape some search parameter before outputing them in pages, which could lead to Cross-Site Scripting issues...

6.1CVSS6.1AI score0.00876EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 6:14 a.m.10 views

CVE-2013-7477

The events-manager plugin before 5.5.2 for WordPress has XSS in the booking form...

6.1CVSS6.2AI score0.00913EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:57 a.m.5 views

CVE-2015-9298

The events-manager plugin before 5.6 for WordPress has code injection...

9.8CVSS7.2AI score0.021EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:34 a.m.6 views

CVE-2013-7478

The events-manager plugin before 5.5 for WordPress has XSS via EMTicket::getpost...

6.1CVSS6.2AI score0.00913EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:5 a.m.8 views

CVE-2015-9300

The events-manager plugin before 5.5.7 for WordPress has multiple XSS issues...

6.1CVSS6.2AI score0.00923EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 1:28 a.m.9 views

CVE-2012-6716

The events-manager plugin before 5.1.7 for WordPress has XSS via JSON call links...

6.1CVSS6AI score0.00913EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 12:53 a.m.6 views

CVE-2015-9299

The events-manager plugin before 5.5.7.1 for WordPress has DOM XSS...

6.1CVSS7.1AI score0.00923EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/21 5:22 a.m.22 views

CVE-2024-11260 Events Manager – Calendar, Bookings, Tickets, and more! <= 6.6.3 - Unauthenticated SQL Injection via Event Status Parameter

The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to time-based SQL Injection via the activestatus parameter in all versions up to, and including, 6.6.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on t...

7.5CVSS0.00553EPSS
Exploits0References2
CVE
CVE
added 2025/02/21 5:22 a.m.96 views

CVE-2024-11260

CVE-2024-11260 affects the WordPress plugin Events Manager – Calendar, Bookings, Tickets, and more! The Wordfence summary confirms a time-based SQL Injection via the active_status parameter in all versions up to 6.6.3, caused by insufficient escaping and incomplete query preparation, enabling una...

7.5CVSS7.7AI score0.00553EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder