Lucene search
K

4 matches found

NVD
NVD
added 2014/05/13 2:55 p.m.38 views

CVE-2013-1407

Multiple cross-site scripting XSS vulnerabilities in the Events Manager plugin before 5.3.5 and Events Manager Pro plugin before 2.2.9 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 scope parameter to index.php; 2 username, 3 dbemphone, 4 useremail, or 5...

4.3CVSS5.8AI score0.02058EPSS
Exploits3References3
CVE
CVE
added 2014/05/13 2:0 p.m.52 views

CVE-2013-1407

The CVE-2013-1407 vulnerabilities affect the WordPress plugin Events Manager and the Events Manager Pro plugin, with multiple input vectors (scope, _wpnonce, user_name, dbem_phone, user_email, booking_comment) leading to XSS . Root cause: insufficient input validation/filtration in the index.php ...

4.3CVSS5.8AI score0.02058EPSS
Exploits3References3Affected Software1
securityvulns
securityvulns
added 2013/03/11 12:0 a.m.87 views

Multiple XSS vulnerabilities in Events Manager WordPress plugin

Advisory ID: HTB23139 Product: Events Manager WordPress plugin Vendor: Marcus Sykes Vulnerable Versions: 5.3.3 and probably prior Tested Version: 5.3.3 Vendor Notification: January 16, 2013 Vendor Patch: January 17, 2013 Public Disclosure: March 6, 2013 Vulnerability Type: Cross-Site Scripting...

4.3CVSS0.2AI score0.02058EPSS
Exploits3
Packet Storm
Packet Storm
added 2013/03/07 12:0 a.m.58 views

WordPress Events Manager 5.3.3 Cross Site Scripting

Advisory ID: HTB23139 Product: Events Manager WordPress plugin Vendor: Marcus Sykes Vulnerable Versions: 5.3.3 and probably prior Tested Version: 5.3.3 Vendor Notification: January 16, 2013 Vendor Patch: January 17, 2013 Public Disclosure: March 6, 2013 Vulnerability Type: Cross-Site Scripting...

4.3CVSS0.3AI score0.02058EPSS
Exploits3
Rows per page
Query Builder