3 matches found
CVE-2025-2800 WP Event Manager <= 3.1.50 - Unauthenticated Stored Cross-Site Scripting via 'organizer_name'
The WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘organizername' parameter in all versions up to, and including, 3.1.50 due to insufficient input sanitization and output escaping. This...
CVE-2025-2800
CVE-2025-2800 affects WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce (WordPress). The vulnerability is an unauthenticated stored cross-site scripting flaw via the organizer_name parameter in all versions up to and including 3.1.50. Public sources in connected doc...
WordPress WP Event Manager plugin <= 3.1.50 - Unauthenticated Stored Cross-Site Scripting via 'organizer_name' vulnerability
Unauthenticated Stored Cross-Site Scripting via 'organizername' vulnerability discovered by Nguyen Ngoc Quang Bach maysbachs in WordPress Plugin WP Event Manager versions = 3.1.50...