17 matches found
EUVD-2025-11606
Malicious code in bioql PyPI...
CVE-2023-0496
The HT Event WordPress plugin before 1.4.6 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack...
CVE-2025-24624
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DevItems HT Event ht-event allows Reflected XSS.This issue affects HT Event: from n/a through = 1.4.6...
CVE-2025-24624
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DevItems HT Event ht-event allows Reflected XSS.This issue affects HT Event: from n/a through = 1.4.6...
CVE-2025-24624 WordPress HT Event – WordPress Event Manager Plugin for Elementor Plugin <= 1.4.6 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DevItems HT Event ht-event allows Reflected XSS.This issue affects HT Event: from n/a through = 1.4.6...
CVE-2025-24624
The CVE-2025-24624 entry applies to the WordPress HT Event (WordPress Event Manager Plugin for Elementor) plugin. Affected versions are 1.4.6 and earlier, with the root cause described as improper neutralization of input during web page generation, enabling a reflected Cross-Site Scripting (XSS) ...
CVE-2025-24624 WordPress HT Event – WordPress Event Manager Plugin for Elementor Plugin <= 1.4.6 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DevItems HT Event ht-event allows Reflected XSS.This issue affects HT Event: from n/a through = 1.4.6...
WordPress plugin HT Event 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress plugin HT Event – WordPress Event Manager Plugin for Elementor 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in the...
WordPress HT Event plugin <= 1.4.7 - Authenticated (Contributor+) Sensitive Information Exposure via HT Event: Sponsor vulnerability
Authenticated Contributor+ Sensitive Information Exposure via HT Event: Sponsor vulnerability discovered by Ankit Patel in WordPress Plugin HT Event versions = 1.4.7...
WordPress HT Event – WordPress Event Manager Plugin for Elementor Plugin <= 1.4.6 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin HT Event versions = 1.4.6...
CVE-2023-0496
The HT Event WordPress plugin before 1.4.6 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack...
CVE-2023-0496
The HT Event WordPress plugin before 1.4.6 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack...
Cross site request forgery (csrf)
The HT Event WordPress plugin before 1.4.6 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack...
CVE-2023-0496
CVE-2023-0496 applies to the HT Event WordPress plugin (
CVE-2023-0496 HT Event < 1.4.6 - Arbitrary Plugin Activation via CSRF
The HT Event WordPress plugin before 1.4.6 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack...
CVE-2023-0496 HT Event < 1.4.6 - Arbitrary Plugin Activation via CSRF
The HT Event WordPress plugin before 1.4.6 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack...