Lucene search
K

79 matches found

Positive Technologies
Positive Technologies
added 2019/08/22 12:0 a.m.4 views

PT-2019-7027 · WordPress · Events Manager

Name of the Vulnerable Software and Affected Versions: events-manager plugin versions prior to 5.5 Description: The issue concerns a cross-site scripting XSS flaw. It affects the events-manager plugin for WordPress, specifically via the EM Ticket::get post function. Recommendations: For versions...

6.1CVSS6.3AI score0.00913EPSS
Exploits0References4
NVD
NVD
added 2019/08/13 5:15 p.m.14 views

CVE-2015-9299

The events-manager plugin before 5.5.7.1 for WordPress has DOM XSS...

6.1CVSS6.4AI score0.00923EPSS
Exploits0References1
NVD
NVD
added 2019/08/13 5:15 p.m.18 views

CVE-2015-9297

The events-manager plugin before 5.6 for WordPress has XSS...

6.1CVSS6.4AI score0.00924EPSS
Exploits0References2
NVD
NVD
added 2019/08/13 5:15 p.m.22 views

CVE-2015-9298

The events-manager plugin before 5.6 for WordPress has code injection...

9.8CVSS9.8AI score0.021EPSS
Exploits0References2
Prion
Prion
added 2019/08/13 5:15 p.m.16 views

Code injection

The events-manager plugin before 5.6 for WordPress has code injection...

7.5CVSS7.9AI score0.021EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2019/08/13 5:15 p.m.14 views

Cross site scripting

The events-manager plugin before 5.5.7 for WordPress has multiple XSS issues...

4.3CVSS6.4AI score0.00923EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/08/13 4:43 p.m.66 views

CVE-2015-9297

The CVE-2015-9297 entry refers to the WordPress Events Manager plugin, affected up to versions earlier than 5.6, which contains an XSS vulnerability in the plugin. The connected Red Hat and CNVD/CVE records corroborate an XSS issue in this plugin. The NVD metrics (CVSS v3.1 base score 6.1 MEDIUM;...

6.1CVSS6.4AI score0.00924EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2019/08/13 4:42 p.m.68 views

CVE-2015-9298

The CVE-2015-9298 entry concerns the WordPress events-manager plugin, specifically versions prior to 5.6, which is affected by code injection. Multiple sources (NVD entry and repeat citations across Red Hat, CNVD, CVE lists, and WPVulnDB/PT Security) confirm the issue as a code injection flaw in ...

9.8CVSS9.7AI score0.021EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2019/08/13 4:42 p.m.50 views

CVE-2015-9299

CVE-2015-9299 is a DOM XSS vulnerability in the WordPress Events Manager plugin prior to 5.5.7.1. The root cause is DOM-based XSS in the events-manager component, leading to potential client-side code execution with low integrity impact and no confidentiality/availability impact according to CVSS...

6.1CVSS6.4AI score0.00923EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2019/08/13 12:0 a.m.5 views

PT-2019-7257 · WordPress · Events Manager

Name of the Vulnerable Software and Affected Versions: events-manager plugin versions prior to 5.6 Description: The issue concerns code injection in the events-manager plugin for WordPress. Recommendations: For versions prior to 5.6, update to version 5.6 or later to resolve the issue...

9.8CVSS7.7AI score0.021EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2019/08/13 12:0 a.m.5 views

PT-2019-7259 · WordPress · Events Manager

Name of the Vulnerable Software and Affected Versions: events-manager plugin versions prior to 5.5.7 Description: The issue concerns multiple XSS problems. Recommendations: For versions prior to 5.5.7, update to version 5.5.7 or later to resolve the issue...

6.1CVSS6.3AI score0.00923EPSS
Exploits0References4
OSV
OSV
added 2019/04/12 6:29 p.m.4 views

CVE-2018-13137

The Events Manager plugin 5.9.4 for WordPress has XSS via the dbemeventreapprovedemailbody parameter to the wp-admin/edit.php?posttype=event&page=events-manager-options URI...

4.8CVSS5.8AI score0.01209EPSS
Exploits1References4
OSV
OSV
added 2018/05/14 1:29 p.m.3 views

CVE-2018-0576

Cross-site scripting vulnerability in Events Manager plugin prior to version 5.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.4CVSS5.9AI score0.01517EPSS
Exploits0References3
Cvelist
Cvelist
added 2018/05/14 1:0 p.m.14 views

CVE-2018-0576

Cross-site scripting vulnerability in Events Manager plugin prior to version 5.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.4AI score0.01517EPSS
Exploits0References3
CVE
CVE
added 2018/05/14 1:0 p.m.59 views

CVE-2018-0576

The CVE-2018-0576 issue concerns the WordPress plugin Events Manager (prior to version 5.9). The vulnerability is a cross-site scripting (XSS) flaw that could allow remote attackers to inject arbitrary script or HTML via unspecified vectors, potentially executing in a logged-in user’s browser. Af...

5.4CVSS5.4AI score0.01517EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2018/03/26 2:29 a.m.2 views

CVE-2018-9020

The Events Manager plugin before 5.8.1.2 for WordPress allows XSS via the events-manager.js mapTitle parameter in the Google Maps miniature...

5.4CVSS5.8AI score0.01058EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2018/03/26 2:29 a.m.2 views

CVE-2018-9020

The Events Manager plugin before 5.8.1.2 for WordPress allows XSS via the events-manager.js mapTitle parameter in the Google Maps miniature...

5.4CVSS5.4AI score0.01058EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2018/03/26 12:0 a.m.5 views

PT-2018-18784 · WordPress · Events Manager

Name of the Vulnerable Software and Affected Versions: Events Manager plugin versions prior to 5.8.1.2 Description: The issue allows for XSS via the mapTitle parameter in the Google Maps miniature within the events-manager.js file. Recommendations: For versions prior to 5.8.1.2, update to version...

5.4CVSS6.1AI score0.01058EPSS
Exploits1References7
Patchstack
Patchstack
added 2015/05/15 12:0 a.m.9 views

WordPress Events Manager Plugin <= 5.3.8 - Cross Site Scripting

Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Solution Update the plugin...

2.2AI score
Exploits0References2Affected Software1
Rows per page
Query Builder