23 matches found
EUVD-2025-24787
Malicious code in bioql PyPI...
EUVD-2025-24788
Malicious code in bioql PyPI...
CVE-2025-52730
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themefunction WordPress Event Manager, Event Calendar and Booking Plugin eventin-pro allows Stored XSS.This issue affects WordPress Event Manager, Event Calendar and Booking Plugin: from n/a throug...
CVE-2025-52731
Missing Authorization vulnerability in themefunction WordPress Event Manager, Event Calendar and Booking Plugin eventin-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Event Manager, Event Calendar and Booking Plugin: from n/a through =...
CVE-2025-52731
Missing Authorization vulnerability in themefunction WordPress Event Manager, Event Calendar and Booking Plugin eventin-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Event Manager, Event Calendar and Booking Plugin: from n/a through =...
CVE-2025-52730
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themefunction WordPress Event Manager, Event Calendar and Booking Plugin eventin-pro allows Stored XSS.This issue affects WordPress Event Manager, Event Calendar and Booking Plugin: from n/a throug...
CVE-2025-52731 WordPress WordPress Event Manager, Event Calendar and Booking Plugin Plugin <= 4.0.24 - Arbitrary Content Deletion Vulnerability
Missing Authorization vulnerability in themefunction WordPress Event Manager, Event Calendar and Booking Plugin eventin-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Event Manager, Event Calendar and Booking Plugin: from n/a through =...
CVE-2025-52730 WordPress WordPress Event Manager, Event Calendar and Booking Plugin Plugin <= 4.0.24 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themefunction WordPress Event Manager, Event Calendar and Booking Plugin eventin-pro allows Stored XSS.This issue affects WordPress Event Manager, Event Calendar and Booking Plugin: from n/a throug...
CVE-2025-52730
CVE-2025-52730 affects WordPress Event Manager, Event Calendar and Booking Plugin (WordPress Event Manager, Event Calendar and Booking Plugin) versions up to 4.0.24. It is a Stored Cross-Site Scripting (XSS) caused by improper input neutralization during web page generation. The CVSS 3.1 base met...
CVE-2025-52731
CVE-2025-52731 affects WordPress WordPress Event Manager, Event Calendar and Booking Plugin (≤ 4.0.24). A Missing Authorization flaw in the plugin’s theme function allows unauthenticated access to delete content (Arbitrary Content Deletion). Public details identify the affected versions and impac...
WordPress plugin WordPress Event Manager, Event Calendar and Booking Plugin 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability in th...
WordPress WordPress Event Manager, Event Calendar and Booking Plugin Plugin <= 4.0.24 - Arbitrary Content Deletion Vulnerability
Arbitrary Content Deletion Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Plugin WordPress Event Manager, Event Calendar and Booking Plugin versions = 4.0.24...
CVE-2025-24624 WordPress HT Event – WordPress Event Manager Plugin for Elementor Plugin <= 1.4.6 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DevItems HT Event ht-event allows Reflected XSS.This issue affects HT Event: from n/a through = 1.4.6...
CVE-2024-13216
The HT Event – WordPress Event Manager Plugin for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.7 via the 'render' function in /includes/widgets/hteventsponsor.php. This makes it possible for authenticated attackers, with...
WordPress Advanced Event Manager Plugin <= 1.1.6 is vulnerable to Cross Site Scripting (XSS)
Software Advanced Event Manager Type Plugin Vulnerable versions = 1.1.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-53721 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 46c5eb1a6448 Credits SOPROBRO Required privilege...
WordPress Event Manager for WooCommerce Plugin <= 4.1.1 is vulnerable to PHP Object Injection
Software Event Manager for WooCommerce Type Plugin Vulnerable versions = 4.1.1 Fixed in 4.1.2 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-24796 Patch priority Medium CVSS severity Medium 8.2 Developer Claim ownership PSID e6a64198a3ef Credits Ngô Thiên An ancorn fr...
WordPress Plugin WP Event Manager Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress Plugin WP Event Manager Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
WordPress Event Manager for WooCommerce Plugin <= 3.9.5 is vulnerable to Cross Site Scripting (XSS)
Software Event Manager for WooCommerce Type Plugin Vulnerable versions = 3.9.5 Fixed in 3.9.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-36383 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 8cd145419482 Credits emad...
CVE-2022-47164 WordPress Event Manager for WooCommerce Plugin <= 3.7.7 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in MagePeople Team Event Manager and Tickets Selling Plugin for WooCommerce plugin = 3.7.7 versions...