19 matches found
CVE-2025-69135
Subscriber SQL Injection in Events Schedule - WordPress Events Calendar Plugin = 2.7.2 versions...
WordPress The Events Calendar plugin <= 6.15.1 - Unauthenticated SQL Injection vulnerability
Unauthenticated SQL Injection vulnerability discovered by mikemyers in WordPress Plugin The Events Calendar versions = 6.15.1...
CVE-2025-58862
CVE-2025-58862 affects WordPress WordPress Events Calendar Plugin – connectDaily (versions
CVE-2025-58862 WordPress WordPress Events Calendar Plugin – connectDaily Plugin <= 1.5.5 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in George Sexton WordPress Events Calendar Plugin – connectDaily connect-daily-web-calendar allows Stored XSS.This issue affects WordPress Events Calendar Plugin – connectDaily: from n/a through = 1.5...
WordPress WordPress Events Calendar Plugin – connectDaily Plugin <= 1.5.5 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Mika in WordPress Plugin WordPress Events Calendar Plugin – connectDaily versions = 1.5.5...
WordPress plugin WordPress Events Calendar Plugin – connectDaily 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin WordPress Events Calendar...
PT-2025-36201
Name of the Vulnerable Software and Affected Versions: George Sexton WordPress Events Calendar Plugin – connectDaily versions through 1.5.3 Description: The WordPress Events Calendar Plugin – connectDaily contains a cross-site scripting XSS issue due to improper neutralization of input during web...
CVE-2025-39372
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in elbisnero WordPress Events Calendar Registration & Tickets wpeventplus allows Reflected XSS.This issue affects WordPress Events Calendar Registration & Tickets: from n/a through = 2.6.0...
CVE-2025-39372 WordPress WordPress Events Calendar Registration & Tickets plugin <= 2.6.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in elbisnero WordPress Events Calendar Registration & Tickets wpeventplus allows Reflected XSS.This issue affects WordPress Events Calendar Registration & Tickets: from n/a through = 2.6.0...
CVE-2025-39372
CVE-2025-39372 – Reflected Cross‑Site Scripting in the WordPress Events Calendar Registration & Tickets plugin (versions
CVE-2025-47581
Deserialization of Untrusted Data vulnerability in elbisnero WordPress Events Calendar Registration & Tickets wpeventplus allows Object Injection.This issue affects WordPress Events Calendar Registration & Tickets: from n/a through = 2.6.0...
CVE-2025-47581 WordPress WordPress Events Calendar Registration & Tickets plugin <= 2.6.0 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Elbisnero WordPress Events Calendar Registration & Tickets allows Object Injection.This issue affects WordPress Events Calendar Registration & Tickets: from n/a through 2.6.0...
CVE-2025-32597
Cross-Site Request Forgery CSRF vulnerability in George Sexton WordPress Events Calendar Plugin – connectDaily connect-daily-web-calendar allows Cross-Site Scripting XSS.This issue affects WordPress Events Calendar Plugin – connectDaily: from n/a through = 1.5.4...
PT-2025-15799 · WordPress · Wordpress Events Calendar Plugin – Connectdaily
Name of the Vulnerable Software and Affected Versions: WordPress Events Calendar Plugin – connectDaily versions 1.4.8 and earlier Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability that also allows Cross-Site Scripting XSS in the WordPress Events Calendar Plugin ...
WordPress The Events Calendar plugin <= 6.6.4 - Unauthenticated SQL Injection vulnerability
Unauthenticated SQL Injection vulnerability discovered by Foxyyy in WordPress Plugin The Events Calendar versions = 6.6.4...
WordPress Events Calendar for Google Plugin <= 2.1.0 is vulnerable to Local File Inclusion
Software Events Calendar for Google Type Plugin Vulnerable versions = 2.1.0 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Local File Inclusion CVE CVE-2024-38716 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 305987aedf95 Credits João Pedro S Alcântar...
WordPress Events Calendar Registration Plugin <= 1.9.2 is vulnerable to Cross Site Scripting (XSS)
Software Events Calendar Registration Type Plugin Vulnerable versions = 1.9.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0f6798e3fd52 Credits Rafie Muhammad...
PT-2023-14181 · WordPress · Wordpress Events Calendar
Name of the Vulnerable Software and Affected Versions: The WordPress Events Calendar WordPress plugin versions prior to 1.4.5 Description: The issue concerns a Reflected Cross-Site Scripting problem. It arises because a parameter is not properly sanitized and escaped before being outputted back i...
WordPress Events Calendar Plugin - event_id SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Wichipi Events Calendar - SQL Injection Date: 09-01-2018 Exploit Author: Dennis Veninga Contact Author: d.veninga at networking4all.com Vendor Homepage: codecanyon.net/user/wachipi Version: 1.0 CVE-ID: CVE-2018-5315 Events...