Lucene search
K

19 matches found

NVD
NVD
added 2026/06/17 1:19 p.m.8 views

CVE-2025-69135

Subscriber SQL Injection in Events Schedule - WordPress Events Calendar Plugin = 2.7.2 versions...

8.5CVSS0.00342EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/09/11 10:32 p.m.3 views

WordPress The Events Calendar plugin <= 6.15.1 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by mikemyers in WordPress Plugin The Events Calendar versions = 6.15.1...

7.5CVSS7.8AI score0.00324EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/09/05 1:45 p.m.19 views

CVE-2025-58862

CVE-2025-58862 affects WordPress WordPress Events Calendar Plugin – connectDaily (versions

6.5CVSS5.9AI score0.00154EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/05 1:45 p.m.13 views

CVE-2025-58862 WordPress WordPress Events Calendar Plugin – connectDaily Plugin <= 1.5.5 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in George Sexton WordPress Events Calendar Plugin – connectDaily connect-daily-web-calendar allows Stored XSS.This issue affects WordPress Events Calendar Plugin – connectDaily: from n/a through = 1.5...

6.5CVSS0.00154EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/09/05 1:40 p.m.5 views

WordPress WordPress Events Calendar Plugin – connectDaily Plugin <= 1.5.5 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Mika in WordPress Plugin WordPress Events Calendar Plugin – connectDaily versions = 1.5.5...

6.5CVSS6AI score0.00154EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2025/09/05 12:0 a.m.2 views

WordPress plugin WordPress Events Calendar Plugin – connectDaily 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin WordPress Events Calendar...

6.5CVSS5.8AI score0.00154EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/05 12:0 a.m.6 views

PT-2025-36201

Name of the Vulnerable Software and Affected Versions: George Sexton WordPress Events Calendar Plugin – connectDaily versions through 1.5.3 Description: The WordPress Events Calendar Plugin – connectDaily contains a cross-site scripting XSS issue due to improper neutralization of input during web...

6.5CVSS4.9AI score0.00154EPSS
Exploits0References5
NVD
NVD
added 2025/05/19 8:15 p.m.13 views

CVE-2025-39372

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in elbisnero WordPress Events Calendar Registration & Tickets wpeventplus allows Reflected XSS.This issue affects WordPress Events Calendar Registration & Tickets: from n/a through = 2.6.0...

7.1CVSS0.00191EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/19 7:38 p.m.17 views

CVE-2025-39372 WordPress WordPress Events Calendar Registration & Tickets plugin <= 2.6.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in elbisnero WordPress Events Calendar Registration & Tickets wpeventplus allows Reflected XSS.This issue affects WordPress Events Calendar Registration & Tickets: from n/a through = 2.6.0...

7.1CVSS0.00191EPSS
Exploits0References1
CVE
CVE
added 2025/05/19 7:38 p.m.38 views

CVE-2025-39372

CVE-2025-39372 – Reflected Cross‑Site Scripting in the WordPress Events Calendar Registration & Tickets plugin (versions

7.1CVSS7.2AI score0.00191EPSS
Exploits0References1
NVD
NVD
added 2025/05/19 7:15 p.m.9 views

CVE-2025-47581

Deserialization of Untrusted Data vulnerability in elbisnero WordPress Events Calendar Registration & Tickets wpeventplus allows Object Injection.This issue affects WordPress Events Calendar Registration & Tickets: from n/a through = 2.6.0...

9.8CVSS0.00396EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/19 6:13 p.m.5 views

CVE-2025-47581 WordPress WordPress Events Calendar Registration & Tickets plugin <= 2.6.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Elbisnero WordPress Events Calendar Registration & Tickets allows Object Injection.This issue affects WordPress Events Calendar Registration & Tickets: from n/a through 2.6.0...

9.8CVSS9.5AI score0.00396EPSS
Exploits0References1
NVD
NVD
added 2025/04/09 5:15 p.m.4 views

CVE-2025-32597

Cross-Site Request Forgery CSRF vulnerability in George Sexton WordPress Events Calendar Plugin – connectDaily connect-daily-web-calendar allows Cross-Site Scripting XSS.This issue affects WordPress Events Calendar Plugin – connectDaily: from n/a through = 1.5.4...

7.1CVSS0.00158EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/09 12:0 a.m.3 views

PT-2025-15799 · WordPress · Wordpress Events Calendar Plugin – Connectdaily

Name of the Vulnerable Software and Affected Versions: WordPress Events Calendar Plugin – connectDaily versions 1.4.8 and earlier Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability that also allows Cross-Site Scripting XSS in the WordPress Events Calendar Plugin ...

7.1CVSS7.1AI score0.00158EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/09/25 6:46 a.m.7 views

WordPress The Events Calendar plugin <= 6.6.4 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by Foxyyy in WordPress Plugin The Events Calendar versions = 6.6.4...

9.8CVSS8.1AI score0.49709EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2024/07/11 12:0 a.m.19 views

WordPress Events Calendar for Google Plugin <= 2.1.0 is vulnerable to Local File Inclusion

Software Events Calendar for Google Type Plugin Vulnerable versions = 2.1.0 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Local File Inclusion CVE CVE-2024-38716 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 305987aedf95 Credits João Pedro S Alcântar...

6.5CVSS6.6AI score0.00498EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.6 views

WordPress Events Calendar Registration Plugin <= 1.9.2 is vulnerable to Cross Site Scripting (XSS)

Software Events Calendar Registration Type Plugin Vulnerable versions = 1.9.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0f6798e3fd52 Credits Rafie Muhammad...

6.4AI score0.00284EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/01/16 12:0 a.m.9 views

PT-2023-14181 · WordPress · Wordpress Events Calendar

Name of the Vulnerable Software and Affected Versions: The WordPress Events Calendar WordPress plugin versions prior to 1.4.5 Description: The issue concerns a Reflected Cross-Site Scripting problem. It arises because a parameter is not properly sanitized and escaped before being outputted back i...

6.1CVSS6.5AI score0.00891EPSS
Exploits2References5
0day.today
0day.today
added 2018/01/10 12:0 a.m.62 views

WordPress Events Calendar Plugin - event_id SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Wichipi Events Calendar - SQL Injection Date: 09-01-2018 Exploit Author: Dennis Veninga Contact Author: d.veninga at networking4all.com Vendor Homepage: codecanyon.net/user/wachipi Version: 1.0 CVE-ID: CVE-2018-5315 Events...

7.5CVSS9.2AI score0.0487EPSS
Exploits5
Rows per page
Query Builder