Lucene search
K

15 matches found

NVD
NVD
added 2026/07/01 5:16 a.m.8 views

CVE-2026-2387

The Event Organiser plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 3.12.9. This is due to the 'eoevents' shortcode accepting attacker-controlled 'noevents' content and rendering it in event list templates without output escaping. This makes...

6.4CVSS0.00156EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/01 4:32 a.m.9 views

EUVD-2026-40904

The Event Organiser plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 3.12.9. This is due to the 'eoevents' shortcode accepting attacker-controlled 'noevents' content and rendering it in event list templates without output escaping. This makes...

6.4CVSS5.9AI score0.00156EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/01 4:32 a.m.30 views

CVE-2026-2387 Event Organiser <= 3.12.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via eo_events Shortcode

The Event Organiser plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 3.12.9. This is due to the 'eoevents' shortcode accepting attacker-controlled 'noevents' content and rendering it in event list templates without output escaping. This makes...

6.4CVSS0.00156EPSS
Exploits0References2
CVE
CVE
added 2026/07/01 4:32 a.m.13 views

CVE-2026-2387

The CVE-2026-2387 entry concerns the WordPress Event Organiser plugin (versions up to and including 3.12.9). The vulnerability is a Stored Cross-Site Scripting flaw in the eo_events shortcode: attacker-controlled no_events content is rendered in event list templates without output escaping, allow...

6.4CVSS5.9AI score0.00156EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/06/30 3:56 p.m.6 views

WordPress Event Organiser plugin <= 3.12.9 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Event Organiser versions = 3.12.9...

6.4CVSS5.8AI score0.00156EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/12/31 11:6 a.m.5 views

CVE-2025-69012

Missing Authorization vulnerability in Stephen Harris Event Organiser event-organiser allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Event Organiser: from n/a through = 3.12.8...

4.3CVSS7AI score0.00206EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/30 12:30 p.m.6 views

EUVD-2025-205732

Missing Authorization vulnerability in Stephen Harris Event Organiser event-organiser allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Event Organiser: from n/a through = 3.12.8...

4.3CVSS6.5AI score0.00206EPSS
Exploits0References2
NVD
NVD
added 2025/12/30 11:15 a.m.13 views

CVE-2025-69012

Missing Authorization vulnerability in Stephen Harris Event Organiser event-organiser allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Event Organiser: from n/a through = 3.12.8...

4.3CVSS0.00206EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/30 10:47 a.m.26 views

CVE-2025-69012 WordPress Event Organiser plugin <= 3.12.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in Stephen Harris Event Organiser event-organiser allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Event Organiser: from n/a through = 3.12.8...

4.3CVSS0.00206EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/30 10:47 a.m.6 views

CVE-2025-69012 WordPress Event Organiser plugin <= 3.12.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in Stephen Harris Event Organiser event-organiser allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Event Organiser: from n/a through = 3.12.8...

4.3CVSS6.6AI score0.00206EPSS
Exploits0References1
CVE
CVE
added 2025/12/30 10:47 a.m.24 views

CVE-2025-69012

Technical details for CVE-2025-69012 are not provided in the supplied documents. Monitor for updates from vendors or vulnerability databases.

4.3CVSS6.6AI score0.00206EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/30 12:0 a.m.7 views

WordPress plugin Event Organiser 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

4.3CVSS5.8AI score0.00206EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/30 12:0 a.m.10 views

PT-2025-53893

Name of the Vulnerable Software and Affected Versions Stephen Harris Event Organiser event-organiser versions through 3.12.8 Description An issue exists in Stephen Harris Event Organiser event-organiser related to incorrectly configured access control security levels, potentially allowing...

4.3CVSS6.5AI score0.00206EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/12/27 9:57 a.m.7 views

WordPress Event Organiser plugin <= 3.12.8 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Doan Dinh Van in WordPress Plugin Event Organiser versions = 3.12.8...

4.3CVSS6.7AI score0.00206EPSS
Exploits0Affected Software1
Malwarebytes
Malwarebytes
added 2019/11/11 6:27 p.m.77 views

Facebook scams: Bad ads, bogus grants, and fake tickets lurk on social media giant

We recently highlighted new steps Instagram is taking to try and clamp down on scammers sending fake messages on their platform. It turns out, other social media giants are walking a similar path for a variety of bogus ads and other attacks. Facebook scams in particular have taken off, despite th...

0.2AI score
Exploits0
Rows per page
Query Builder