2 matches found
CVE-2025-2799
creationtimestamp| type| source ---|---|--- 2025-07-16 06:28:50+00:00| seen| Telegram/uTClkgxVhXpCUyHL3wYkAI7SgXCbEsxOw11ZIe9PA5g-bzU...
CVE-2025-2799 WP Event Manager <= 3.1.49 - Authenticated (Administrator+) Stored Cross-Site Scripting
The WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘tag-name’ parameter in all versions up to, and including, 3.1.49 due to insufficient input sanitization and output escaping. This makes i...