Lucene search
K

16 matches found

Cvelist
Cvelist
added 2026/02/18 8:26 a.m.28 views

CVE-2026-1941 WP Event Aggregator <= 1.8.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

The WP Event Aggregator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpevents' shortcode in all versions up to, and including, 1.8.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS0.0025EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-3892

Malicious code in bioql PyPI...

7.1CVSS9.1AI score0.00235EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-29267

Malicious code in bioql PyPI...

4.3CVSS6.5AI score0.002EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-37554

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00269EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:13 a.m.7 views

CVE-2024-31371

Cross-Site Request Forgery CSRF vulnerability in Xylus Themes WP Event Aggregator.This issue affects WP Event Aggregator: from n/a through 1.7.6...

4.3CVSS5.1AI score0.002EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:33 a.m.4 views

CVE-2024-38703

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Xylus Themes WP Event Aggregator allows Stored XSS.This issue affects WP Event Aggregator: from n/a through 1.7.9...

6.5CVSS6.8AI score0.00269EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/16 1:19 p.m.7 views

CVE-2025-24700

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Xylus Themes WP Event Aggregator wp-event-aggregator allows Reflected XSS.This issue affects WP Event Aggregator: from n/a through = 1.8.2...

7.1CVSS7.2AI score0.00235EPSS
Exploits0References1
NVD
NVD
added 2025/02/14 1:15 p.m.10 views

CVE-2025-24700

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Xylus Themes WP Event Aggregator wp-event-aggregator allows Reflected XSS.This issue affects WP Event Aggregator: from n/a through = 1.8.2...

7.1CVSS0.00235EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/14 12:44 p.m.4 views

CVE-2025-24700 WordPress WP Event Aggregator Plugin <= 1.8.2 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Xylus Themes WP Event Aggregator allows Reflected XSS. This issue affects WP Event Aggregator: from n/a through 1.8.2...

7.1CVSS7.2AI score0.00235EPSS
Exploits0References1
CVE
CVE
added 2025/02/14 12:44 p.m.57 views

CVE-2025-24700

CVE-2025-24700 refers to a Reflected Cross-Site Scripting (XSS) vulnerability in the WordPress plugin WP Event Aggregator (affected: versions

7.1CVSS7.2AI score0.00235EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/02/14 12:0 a.m.6 views

PT-2025-7035

Name of the Vulnerable Software and Affected Versions: WP Event Aggregator versions 1.8.2 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This means that an attacker can...

7.1CVSS8.9AI score0.00235EPSS
Exploits0References7
NVD
NVD
added 2024/07/20 8:15 a.m.11 views

CVE-2024-38703

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Xylus Themes WP Event Aggregator allows Stored XSS.This issue affects WP Event Aggregator: from n/a through 1.7.9...

6.5CVSS0.00269EPSS
Exploits0References1
CVE
CVE
added 2024/07/20 7:32 a.m.43 views

CVE-2024-38703

CVE-2024-38703 affects WordPress WP Event Aggregator (Plugin) versions n/a through 1.7.9. The issue is Stored XSS due to Improper Neutralization of Input During Web Page Generation. Root cause and impact are stated in the connected records; remediation guidance from the sources is to update to a ...

6.5CVSS6.4AI score0.00269EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/04/12 10:15 a.m.11 views

CVE-2024-31371

Cross-Site Request Forgery CSRF vulnerability in Xylus Themes WP Event Aggregator.This issue affects WP Event Aggregator: from n/a through 1.7.6...

4.3CVSS4.6AI score0.002EPSS
Exploits0References1
CVE
CVE
added 2024/04/12 9:28 a.m.47 views

CVE-2024-31371

CVE-2024-31371 is a Cross-Site Request Forgery (CSRF) vulnerability in Xylus Themes WP Event Aggregator, affecting WP Event Aggregator versions from n/a up to 1.7.6. Connected sources (RH Red Hat CVE) confirm the CSRF nature and affected product (WP Event Aggregator) but do not provide concrete d...

4.3CVSS5.1AI score0.002EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/04/12 9:28 a.m.18 views

CVE-2024-31371 WordPress WP Event Aggregator plugin <= 1.7.6 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Xylus Themes WP Event Aggregator.This issue affects WP Event Aggregator: from n/a through 1.7.6...

4.3CVSS5AI score0.002EPSS
Exploits0References1
Rows per page
Query Builder