4 matches found
EUVD-2025-204249
The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'eventslistgrouped' shortcode in all versions up to, and including, 7.2.2.1 due to insufficient input sanitization and output escaping on user supplied...
PT-2025-50921
The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 7.2.2.2 via the 'get location' action due to insufficient restrictions on which locations can be included. This makes it possible for...
CVE-2024-3492
The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'event', 'location', and 'eventcategory' shortcodes in all versions up to, and including, 6.4.7.3 due to insufficient input sanitization and output escapi...
PT-2024-26249 · WordPress · The Events Manager
Name of the Vulnerable Software and Affected Versions: The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress versions up to, and including, 6.4.7.3 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'event', 'location', and 'event category...