Quick Event Manager < 9.7.5 - Cross-Site Scripting

The Quick Event Manager WordPress Plugin, version 9.7.5, is affected by a reflected cross-site scripting vulnerability in the 'category' parameter of its 'qemajaxcalendar' action. id: CVE-2023-23491 info: name: Quick Event Manager 9.7.5 - Cross-Site Scripting author: ritikchaddha severity: medium...

EUVD-2023-28039

Malicious code in bioql PyPI...

EUVD-2023-28038

Malicious code in bioql PyPI...

EUVD-2022-49644

Malicious code in bioql PyPI...

CVE-2023-23974

Cross-Site Request Forgery CSRF vulnerability in Fullworks Quick Event Manager plugin = 9.7.4 affecting all registration actions delete, delete all, edit, update...

CVE-2023-23491

The Quick Event Manager WordPress Plugin, version 9.7.5, is affected by a reflected cross-site scripting vulnerability in the 'category' parameter of its 'qemajaxcalendar' action...

CVE-2023-23975

Missing Authorization vulnerability in Fullworks Quick Event Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Event Manager: from n/a through 9.7.4...

CVE-2022-46863

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Fullworks Quick Event Manager plugin = 9.6.4 versions...

CVE-2023-23975

Missing Authorization vulnerability in Fullworks Quick Event Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Event Manager: from n/a through 9.7.4...

CVE-2023-23975

The CVE-2023-23975 entry concerns the WordPress Quick Event Manager plugin (versions

CVE-2023-23975 WordPress Quick Event Manager plugin <= 9.7.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in brightvesseldev Quick Event Manager quick-event-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Event Manager: from n/a through = 9.7.4...

CVE-2023-23975 WordPress Quick Event Manager plugin <= 9.7.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Fullworks Quick Event Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Event Manager: from n/a through 9.7.4...

WordPress plugin Quick Event Manager 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...

The vulnerability of the qem_ajax_calendar function in the Quick Event Manager plugin of the WordPress content management system allows a hacker to execute XSS attacks.

The vulnerability of the qemajaxcalendar function in the Quick Event Manager plugin of the WordPress content management system exists due to the lack of security measures taken to protect the website’s structure. Exploiting this vulnerability allows a malicious actor to perform XSS attacks remote...

WordPress Quick Event Manager Plugin < 9.7.5 XSS Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:fullworksplugins:quickeventmanager"; ifdescription...

WordPress Quick Event Manager Plugin < 9.8.5.3 is vulnerable to Cross Site Scripting (XSS)

Software Quick Event Manager Type Plugin Vulnerable versions 9.8.5.3 Fixed in 9.8.5.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Fullworks Plugins PSID 5068fcdc6585 Credits Rafie Muhammad Patchstac...

CVE-2023-23979

Unauth. Stored Cross-Site Scripting XSS vulnerability in Fullworks Quick Event Manager plugin = 9.7.4 versions...

Cross site scripting

Unauth. Stored Cross-Site Scripting XSS vulnerability in Fullworks Quick Event Manager plugin = 9.7.4 versions...

CVE-2023-23979 WordPress Quick Event Manager Plugin <= 9.7.4 is vulnerable to Cross Site Scripting (XSS)

Unauth. Stored Cross-Site Scripting XSS vulnerability in Fullworks Quick Event Manager plugin = 9.7.4 versions...

CVE-2023-23979

The CVE-2023-23979 entry concerns the WordPress Quick Event Manager plugin (Fullworks) with an unauthenticated Stored Cross-Site Scripting (XSS) vulnerability affecting versions prior to 9.7.5. The issue is tied to improper handling of input (e.g., the "yourname" parameter) leading to XSS. No exp...