CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

Patchstack•added 2026/02/18 12:36 a.m.•5 views

WordPress Community Events plugin <= 1.5.7 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'ce_venue_name' Parameter vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting via 'cevenuename' Parameter vulnerability discovered by Bee - FPT University in WordPress Plugin Community Events versions = 1.5.7...

4.4CVSS5.5AI score0.00014EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/11/03 10:23 p.m.•5 views

WordPress Community Events plugin <= 1.5.2 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by ifoundbug in WordPress Plugin Community Events versions = 1.5.2...

7.2CVSS5.5AI score0.00161EPSS

Exploits0References1Affected Software1

Patchstack•added 2024/08/05 12:0 a.m.•14 views

WordPress Community Events Plugin < 1.5.1 is vulnerable to Cross Site Scripting (XSS)

Software Community Events Type Plugin Vulnerable versions 1.5.1 Fixed in 1.5.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6270 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 41e2dd4ebfb2 Credits Bob Matyas Required...

4.8CVSS5.8AI score0.0027EPSS

Exploits1References4Affected Software1

Patchstack•added 2024/07/22 12:0 a.m.•12 views

WordPress Community Events Plugin < 1.5 is vulnerable to Cross Site Request Forgery (CSRF)

Software Community Events Type Plugin Vulnerable versions 1.5 Fixed in 1.5 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-6271 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 521f0e010f7a Credits Bob Matyas Required...

5.4CVSS6.7AI score0.00174EPSS

Exploits1References4Affected Software1

Cvelist•added 2017/09/07 8:0 p.m.•19 views

CVE-2015-3313

SQL injection vulnerability in WordPress Community Events plugin before 1.4...

9.9AI score0.18463EPSS

Exploits5References6

0day.today•added 2015/04/21 12:0 a.m.•31 views

WordPress Community Events Plugin 1.3.5 - SQL Injection Vulnerability

Exploit for php platform in category web applications ======================================================================= title: SQL Injection product: WordPress Community Events Plugin vulnerable version: 1.3.5 and probably below fixed version: 1.4 CVE number: CVE-2015-3313 impact: CVSS Base...

7.5CVSS0.2AI score0.18463EPSS

Exploits5

Packet Storm•added 2015/04/20 12:0 a.m.•27 views

WordPress Community Events 1.3.5 SQL Injection

======================================================================= title: SQL Injection product: WordPress Community Events Plugin vulnerable version: 1.3.5 and probably below fixed version: 1.4 CVE number: CVE-2015-3313 impact: CVSS Base Score 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P homepage:...

6.5CVSS0.18463EPSS

Exploits5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by