Lucene search
K

9 matches found

Packet Storm News
Packet Storm News
added 2026/04/11 12:0 a.m.6 views

Organizational Security Resource Estimation Via Vulnerability Queueing

We provide an approach that closely estimates an organization's cyber resources directly from vulnerability timestamps, using a non-stationary queueing framework. Traditional attack-surface metrics operate on static snapshots, ignoring the core attack-defense dynamics within information systems,...

5.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/07 9:53 a.m.8 views

CVE-2013-7480

The events-manager plugin before 5.3.6.1 for WordPress has XSS via the booking form and admin areas...

6.1CVSS6.2AI score0.00913EPSS
Exploits0References1
CVE
CVE
added 2025/07/09 10:22 p.m.39 views

CVE-2025-6975

CVE-2025-6975 concerns the WordPress plugin Events Manager – Calendar, Bookings, Tickets, and more! Affected versions up to 7.0.3 are vulnerable to Reflected Cross‑Site Scripting via the calendar_header parameter due to insufficient input sanitization and output escaping. Exploitation requires no...

6.1CVSS6.1AI score0.00251EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 9:28 a.m.5 views

CVE-2024-38874

An issue was discovered in the events2 aka Events 2 extension before 8.3.8 and 9.x before 9.0.6 for TYPO3. Missing access checks in the management plugin lead to an insecure direct object reference IDOR vulnerability with the potential to activate or delete various events for unauthenticated user...

5.4CVSS7AI score0.0029EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/21 6:17 p.m.11 views

CVE-2025-47581

Deserialization of Untrusted Data vulnerability in elbisnero WordPress Events Calendar Registration & Tickets wpeventplus allows Object Injection.This issue affects WordPress Events Calendar Registration & Tickets: from n/a through = 2.6.0...

9.8CVSS7.2AI score0.00396EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/15 8:7 p.m.8 views

CVE-2024-8493 The Events Calendar < 6.6.4 - Admin+ Stored XSS

The Events Calendar WordPress plugin before 6.6.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.8AI score0.0032EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/04 10:44 p.m.8 views

CVE-2024-8016

The Events Calendar Pro plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 7.0.2 via deserialization of untrusted input from the 'filters' parameter in widgets. This makes it possible for authenticated attackers, with administrator-level access and...

9.1CVSS7.3AI score0.00748EPSS
Exploits0References1
Circl
Circl
added 2024/12/23 3:30 p.m.20 views

CVE-2024-23945

creationtimestamp| type| source ---|---|--- 2024-12-23 15:30:21+00:00| seen| https://infosec.exchange/users/cve/statuses/113702851117565346 2024-12-23 18:20:07+00:00| seen| https://t.me/cvedetector/13542 2024-12-25 05:04:08+00:00| seen|...

5.9CVSS5.7AI score0.01468EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2022/09/26 12:4 p.m.6 views

CVE-2022-40925

Zoo Management System v1.0 has an arbitrary file upload vulnerability in the picture upload point of the "saveevent" file of the "Events" module in the background management system...

7.1AI score0.00929EPSS
Exploits1References1
Rows per page
Query Builder