Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 5:39 a.m.8 views

CVE-2023-0144

The Event Manager and Tickets Selling Plugin for WooCommerce WordPress plugin before 3.8.0 does not validate and escape some of its post meta before outputting them back in a page/post, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS5.5AI score0.00477EPSS
Exploits2References1
OSV
OSV
added 2023/02/06 8:15 p.m.3 views

CVE-2023-0144

The Event Manager and Tickets Selling Plugin for WooCommerce WordPress plugin before 3.8.0 does not validate and escape some of its post meta before outputting them back in a page/post, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS6.1AI score0.00477EPSS
Exploits2References1
NVD
NVD
added 2023/02/06 8:15 p.m.25 views

CVE-2023-0144

The Event Manager and Tickets Selling Plugin for WooCommerce WordPress plugin before 3.8.0 does not validate and escape some of its post meta before outputting them back in a page/post, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS5.4AI score0.00477EPSS
Exploits2References1
CVE
CVE
added 2023/02/06 7:59 p.m.66 views

CVE-2023-0144

The CVE-2023-0144 entry concerns the WordPress plugin Event Manager and Tickets Selling Plugin for WooCommerce (pre-3.8.0). The vulnerability is a Stored XSS that arises because the plugin does not validate/escape certain post meta before output, affecting users with the Contributor+ role. Affect...

5.4CVSS5.3AI score0.00477EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/02/06 7:59 p.m.11 views

CVE-2023-0144 Event Manager and Tickets Selling Plugin for WooCommerce < 3.8.0 - Contributor+ Stored XSS

The Event Manager and Tickets Selling Plugin for WooCommerce WordPress plugin before 3.8.0 does not validate and escape some of its post meta before outputting them back in a page/post, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6AI score0.00477EPSS
Exploits2References1
Rows per page
Query Builder