388 matches found
Cross site scripting
The events-manager plugin before 5.6 for WordPress has XSS...
Code injection
The events-manager plugin before 5.6 for WordPress has code injection...
CVE-2015-9297
The CVE-2015-9297 entry refers to the WordPress Events Manager plugin, affected up to versions earlier than 5.6, which contains an XSS vulnerability in the plugin. The connected Red Hat and CNVD/CVE records corroborate an XSS issue in this plugin. The NVD metrics (CVSS v3.1 base score 6.1 MEDIUM;...
CVE-2015-9297
The events-manager plugin before 5.6 for WordPress has XSS...
CVE-2015-9298
The CVE-2015-9298 entry concerns the WordPress events-manager plugin, specifically versions prior to 5.6, which is affected by code injection. Multiple sources (NVD entry and repeat citations across Red Hat, CNVD, CVE lists, and WPVulnDB/PT Security) confirm the issue as a code injection flaw in ...
CVE-2015-9298
The events-manager plugin before 5.6 for WordPress has code injection...
CVE-2015-9299
The events-manager plugin before 5.5.7.1 for WordPress has DOM XSS...
CVE-2015-9299
CVE-2015-9299 is a DOM XSS vulnerability in the WordPress Events Manager plugin prior to 5.5.7.1. The root cause is DOM-based XSS in the events-manager component, leading to potential client-side code execution with low integrity impact and no confidentiality/availability impact according to CVSS...
CVE-2015-9300
The events-manager plugin before 5.5.7 for WordPress has multiple XSS issues...
CVE-2015-9300
The CVE-2015-9300 entry concerns the WordPress Events Manager plugin, specifically versions prior to 5.5.7. Multiple cross-site scripting (XSS) issues are reported in this plugin, affecting the plugin’s handling of user-supplied data and potentially enabling client-side code execution. Public ref...
PT-2019-7259 · WordPress · Events Manager
Name of the Vulnerable Software and Affected Versions: events-manager plugin versions prior to 5.5.7 Description: The issue concerns multiple XSS problems. Recommendations: For versions prior to 5.5.7, update to version 5.5.7 or later to resolve the issue...
PT-2019-7258 · WordPress · Events Manager
Name of the Vulnerable Software and Affected Versions: events-manager plugin versions prior to 5.5.7.1 Description: The issue is related to DOM XSS in the events-manager plugin for WordPress. Recommendations: For versions prior to 5.5.7.1, update to version 5.5.7.1 or later to resolve the issue...
PT-2019-7256 · WordPress · Events Manager
Name of the Vulnerable Software and Affected Versions: events-manager plugin versions prior to 5.6 Description: The issue concerns a cross-site scripting XSS problem. There is no information provided about the estimated number of potentially affected devices worldwide or details about real-world...
PT-2019-7257 · WordPress · Events Manager
Name of the Vulnerable Software and Affected Versions: events-manager plugin versions prior to 5.6 Description: The issue concerns code injection in the events-manager plugin for WordPress. Recommendations: For versions prior to 5.6, update to version 5.6 or later to resolve the issue...
WordPress Events Manager Plugin < 5.9.5 XSS Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description scriptoid"1.3.6.1.4.1.25623.1.0.112564";...
Design/Logic Flaw
The Events Manager plugin 5.9.4 for WordPress has XSS via the dbemeventreapprovedemailbody parameter to the wp-admin/edit.php?posttype=event&page=events-manager-options URI...
CVE-2018-13137
The Events Manager plugin 5.9.4 for WordPress has XSS via the dbemeventreapprovedemailbody parameter to the wp-admin/edit.php?posttype=event&page=events-manager-options URI...
CVE-2018-13137
The Events Manager plugin 5.9.4 for WordPress has XSS via the dbemeventreapprovedemailbody parameter to the wp-admin/edit.php?posttype=event&page=events-manager-options URI...
CVE-2018-13137
The CVE-2018-13137 entry affects the WordPress Events Manager plugin, version 5.9.4, with a cross-site scripting (XSS) flaw in the dbem_event_reapproved_email_body parameter used in the wp-admin/edit.php?post_type=event&page=events-manager-options URI. Public sources describe this as an XSS vulne...
CVE-2018-13137
The Events Manager plugin 5.9.4 for WordPress has XSS via the dbemeventreapprovedemailbody parameter to the wp-admin/edit.php?posttype=event&page=events-manager-options URI...