15 matches found
EUVD-2024-46323
Malicious code in bioql PyPI...
CVE-2024-5059
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in A WP Life Event Management Tickets Booking.This issue affects Event Management Tickets Booking: from n/a through 1.4.0...
CVE-2024-5059
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in A WP Life Event Management Tickets Booking.This issue affects Event Management Tickets Booking: from n/a through 1.4.0...
CVE-2024-5059
CVE-2024-5059 corresponds to an unauthenticated information exposure in the WordPress plugin Event Monster (Event Management, Tickets Booking). Affected: Event Monster – Event Management, Tickets Booking up to version 1.4.0. Impact: Information exposure to an unauthorized actor (CVE notes confide...
WordPress plugin Event Management Tickets Booking security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A security vulnerability exists in WordPress plugin...
WordPress Event Management Tickets Booking Plugin <= 1.4.3 is vulnerable to Sensitive Data Exposure
Software Event Management Tickets Booking Type Plugin Vulnerable versions = 1.4.3 Fixed in N/A OWASP Top 10 A4: Insecure Design Classification Sensitive Data Exposure CVE CVE-2024-5059 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 1c5026c9dc6f Credits Muhammad Daffa...
WordPress Event Management Tickets Booking Plugin <= 1.3.4 is vulnerable to PHP Object Injection
Software Event Management Tickets Booking Type Plugin Vulnerable versions = 1.3.4 Fixed in 1.3.5 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-1895 Patch priority Medium CVSS severity Medium 7.4 Developer Claim ownership PSID d93e6770a231 Credits Francesco Carlucci...
CVE-2023-47525
CVE-2023-47525 affects the WordPress plugin “Event Management, Tickets Booking” (WordPress Event Monster). The vulnerability is a stored Cross-Site Scripting (XSS) issue caused by improper neutralization of user input during web page generation. Affected versions are reported as n/a through 1.3.2...
CVE-2023-47525 WordPress Event Monster plugin <= 1.4.9 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in A WP Life Event Management Tickets Booking event-monster allows DOM-Based XSS.This issue affects Event Management Tickets Booking: from n/a through = 1.4.9...
CVE-2023-47525 WordPress Event Management Tickets Booking Plugin <= 1.3.2 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in A WP Life Event Monster – Event Management, Tickets Booking, Upcoming Event allows Stored XSS.This issue affects Event Monster – Event Management, Tickets Booking, Upcoming Event: from n/a through...
WordPress plugin Event Management Tickets Booking Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...
WordPress Event Management Tickets Booking Plugin <= 1.4.3 is vulnerable to Cross Site Scripting (XSS)
Software Event Management Tickets Booking Type Plugin Vulnerable versions = 1.4.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-47525 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID da5590e03010 Credits Jeongwoo-LeeRoronoa...
WordPress Event Monster plugin <= 1.1.20 - Cross-Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability leading to Visitors Deletion discovered by Thura Moe Myint in the WordPress Event Monster plugin versions = 1.1.20. Solution Update the WordPress Event Management Tickets Booking plugin to the latest available version at least 1.2.0...
WordPress Event Management Tickets Booking plugin <= 1.0.5 - Stored Cross-Site Scripting (XSS) vulnerability
Stored Cross-Site Scripting XSS vulnerability found by Admavidhya N in WordPress Event Management Tickets Booking plugin versions = 1.0.5. Solution Update the WordPress Event Management Tickets Booking plugin to the latest available version at least 1.0.6...
Event Management Tickets Booking By Event Monster <= 1.0.5 - Stored XSS
The Event Management Tickets Booking By Event Monster WordPress plugin was affected by a Stored XSS security vulnerability...