79 matches found
PT-2019-7027 · WordPress · Events Manager
Name of the Vulnerable Software and Affected Versions: events-manager plugin versions prior to 5.5 Description: The issue concerns a cross-site scripting XSS flaw. It affects the events-manager plugin for WordPress, specifically via the EM Ticket::get post function. Recommendations: For versions...
CVE-2015-9299
The events-manager plugin before 5.5.7.1 for WordPress has DOM XSS...
CVE-2015-9297
The events-manager plugin before 5.6 for WordPress has XSS...
CVE-2015-9298
The events-manager plugin before 5.6 for WordPress has code injection...
Code injection
The events-manager plugin before 5.6 for WordPress has code injection...
Cross site scripting
The events-manager plugin before 5.5.7 for WordPress has multiple XSS issues...
CVE-2015-9297
The CVE-2015-9297 entry refers to the WordPress Events Manager plugin, affected up to versions earlier than 5.6, which contains an XSS vulnerability in the plugin. The connected Red Hat and CNVD/CVE records corroborate an XSS issue in this plugin. The NVD metrics (CVSS v3.1 base score 6.1 MEDIUM;...
CVE-2015-9298
The CVE-2015-9298 entry concerns the WordPress events-manager plugin, specifically versions prior to 5.6, which is affected by code injection. Multiple sources (NVD entry and repeat citations across Red Hat, CNVD, CVE lists, and WPVulnDB/PT Security) confirm the issue as a code injection flaw in ...
CVE-2015-9299
CVE-2015-9299 is a DOM XSS vulnerability in the WordPress Events Manager plugin prior to 5.5.7.1. The root cause is DOM-based XSS in the events-manager component, leading to potential client-side code execution with low integrity impact and no confidentiality/availability impact according to CVSS...
PT-2019-7257 · WordPress · Events Manager
Name of the Vulnerable Software and Affected Versions: events-manager plugin versions prior to 5.6 Description: The issue concerns code injection in the events-manager plugin for WordPress. Recommendations: For versions prior to 5.6, update to version 5.6 or later to resolve the issue...
PT-2019-7259 · WordPress · Events Manager
Name of the Vulnerable Software and Affected Versions: events-manager plugin versions prior to 5.5.7 Description: The issue concerns multiple XSS problems. Recommendations: For versions prior to 5.5.7, update to version 5.5.7 or later to resolve the issue...
CVE-2018-13137
The Events Manager plugin 5.9.4 for WordPress has XSS via the dbemeventreapprovedemailbody parameter to the wp-admin/edit.php?posttype=event&page=events-manager-options URI...
CVE-2018-0576
Cross-site scripting vulnerability in Events Manager plugin prior to version 5.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2018-0576
Cross-site scripting vulnerability in Events Manager plugin prior to version 5.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2018-0576
The CVE-2018-0576 issue concerns the WordPress plugin Events Manager (prior to version 5.9). The vulnerability is a cross-site scripting (XSS) flaw that could allow remote attackers to inject arbitrary script or HTML via unspecified vectors, potentially executing in a logged-in user’s browser. Af...
CVE-2018-9020
The Events Manager plugin before 5.8.1.2 for WordPress allows XSS via the events-manager.js mapTitle parameter in the Google Maps miniature...
CVE-2018-9020
The Events Manager plugin before 5.8.1.2 for WordPress allows XSS via the events-manager.js mapTitle parameter in the Google Maps miniature...
PT-2018-18784 · WordPress · Events Manager
Name of the Vulnerable Software and Affected Versions: Events Manager plugin versions prior to 5.8.1.2 Description: The issue allows for XSS via the mapTitle parameter in the Google Maps miniature within the events-manager.js file. Recommendations: For versions prior to 5.8.1.2, update to version...
WordPress Events Manager Plugin <= 5.3.8 - Cross Site Scripting
Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Solution Update the plugin...