Lucene search
K

80 matches found

Patchstack
Patchstack
added 2024/04/30 12:0 a.m.9 views

WordPress Event Management Tickets Booking Plugin <= 1.3.4 is vulnerable to PHP Object Injection

Software Event Management Tickets Booking Type Plugin Vulnerable versions = 1.3.4 Fixed in 1.3.5 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-1895 Patch priority Medium CVSS severity Medium 7.4 Developer Claim ownership PSID d93e6770a231 Credits Francesco Carlucci...

7.5CVSS6.8AI score0.0085EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/02/22 12:0 a.m.8 views

WordPress Event Tickets Plugin <= 5.8.1 is vulnerable to Broken Access Control

Software Event Tickets Type Plugin Vulnerable versions = 5.8.1 Fixed in 5.8.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1053 Patch priority Low CVSS severity Low 4.3 Developer Liquid Web / StellarWP PSID ddaccf519ce9 Credits Muhammad Daffa Required...

4.3CVSS6.5AI score0.00396EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/01/31 12:0 a.m.12 views

WordPress Event Manager for WooCommerce Plugin <= 4.1.1 is vulnerable to PHP Object Injection

Software Event Manager for WooCommerce Type Plugin Vulnerable versions = 4.1.1 Fixed in 4.1.2 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-24796 Patch priority Medium CVSS severity Medium 8.2 Developer Claim ownership PSID e6a64198a3ef Credits Ngô Thiên An ancorn fr...

8.8CVSS6.8AI score0.00499EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/12/15 12:0 a.m.4 views

WordPress Plugin WP Event Manager Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

5.9CVSS6AI score0.00382EPSS
Exploits0References3
Patchstack
Patchstack
added 2023/11/29 12:0 a.m.10 views

WordPress Event post Plugin <= 5.9.0 is vulnerable to Cross Site Scripting (XSS)

Software Event post Type Plugin Vulnerable versions = 5.9.0 Fixed in 5.9.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-49179 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 6e068d781f88 Credits thiennv Required privilege...

6.5CVSS5.8AI score0.00377EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/09/27 12:0 a.m.6 views

WordPress Plugin WP Event Manager Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

4.8CVSS6AI score0.0051EPSS
Exploits1References5
Patchstack
Patchstack
added 2023/08/21 12:0 a.m.7 views

WordPress Event Tickets with Ticket Scanner Plugin < 1.5.5 is vulnerable to Cross Site Scripting (XSS)

Software Event Tickets with Ticket Scanner Type Plugin Vulnerable versions 1.5.5 Fixed in 1.5.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE N/A Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID daa37a82b56a Credits Unknown...

5.9AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/07/19 12:0 a.m.7 views

WordPress Event Tickets Plugin <= 5.5.11.1 is vulnerable to Cross Site Scripting (XSS)

Software Event Tickets Type Plugin Vulnerable versions = 5.5.11.1 Fixed in 5.6.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Liquid Web / StellarWP PSID b526dab2f64a Credits Rafie Muhammad Patchstack...

5.9AI score0.00284EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/06/22 12:0 a.m.21 views

WordPress Event Manager for WooCommerce Plugin <= 3.9.5 is vulnerable to Cross Site Scripting (XSS)

Software Event Manager for WooCommerce Type Plugin Vulnerable versions = 3.9.5 Fixed in 3.9.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-36383 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 8cd145419482 Credits emad...

5.9CVSS5.8AI score0.00286EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/25 8:27 a.m.8 views

CVE-2022-47164 WordPress Event Manager for WooCommerce Plugin <= 3.7.7 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in MagePeople Team Event Manager and Tickets Selling Plugin for WooCommerce plugin = 3.7.7 versions...

4.3CVSS8.9AI score0.00293EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/03/23 11:45 a.m.31 views

CVE-2023-28422 WordPress Event Manager for WooCommerce Plugin <= 3.8.6 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-site Scripting XSS vulnerability in MagePeople Team Event Manager and Tickets Selling Plugin for WooCommerce = 3.8.6. versions...

5.9CVSS5.5AI score0.00369EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/03/16 12:0 a.m.12 views

WordPress Event Manager for WooCommerce Plugin <= 3.7.7 is vulnerable to Cross Site Request Forgery (CSRF)

Software Event Manager for WooCommerce Type Plugin Vulnerable versions = 3.7.7 Fixed in 3.7.8 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-47164 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID eb513352b8db Credits Istvá...

8.8CVSS6.7AI score0.00293EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/01/10 12:0 a.m.15 views

WordPress Event Manager for WooCommerce Plugin < 3.8.0 is vulnerable to Cross Site Scripting (XSS)

Software Event Manager for WooCommerce Type Plugin Vulnerable versions 3.8.0 Fixed in 3.8.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0144 Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSID 01bb06fcbc30 Credits Lana...

5.4CVSS5.9AI score0.00477EPSS
Exploits2References4Affected Software1
Vulnrichment
Vulnrichment
added 2022/09/16 8:22 p.m.5 views

CVE-2022-29489 WordPress Sucuri Security plugin <= 1.8.33 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Sucuri Security plugin = 1.8.33 at WordPress leading to Event log entry creation...

4.7AI score0.0027EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2019/09/02 12:0 a.m.266 views

WordPress Event Tickets 4.10.7.1 CSV Injection

Exploit Title: WordPress Plugin Event Tickets = 4.10.7.1 - CSV Injection Google Dork: inurl:"\wp-content\plugins\event-tickets" Date: 09-01-2019 Exploit Author: MTK http://mtk911.cf/ Vendor Homepage: https://tri.be/ Software Link: https://downloads.wordpress.org/plugin/event-tickets.4.10.7.1.zip...

0.3AI score
Exploits0
CNVD
CNVD
added 2019/08/28 12:0 a.m.20 views

RSVPMaker SQL Injection Vulnerability

RSVPMaker is a WordPress event scheduling and RSVP tracking plugin. A SQL injection vulnerability exists in RSVPMaker versions prior to 6.2. An attacker can exploit this vulnerability to obtain sensitive database information...

9.8CVSS9.6AI score0.02263EPSS
Exploits0References1
0day.today
0day.today
added 2017/06/14 12:0 a.m.52 views

WordPress Event List Plugin <= 0.7.8 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: WordPress Plugin Event List = 0.7.8 - SQL Injection Date: 04-06-2017 Exploit Author: Dimitrios Tsagkarakis Website: dtsa.eu Software Link: https://wordpress.org/plugins/event-list/ Version: 0.7.8 CVE : CVE-2017-9429 Category:...

6.5CVSS8.7AI score0.0273EPSS
Exploits4
Packet Storm
Packet Storm
added 2016/05/09 12:0 a.m.36 views

WordPress Event Registration 6.02.02 XSS / SQL Injection

Exploit Title: WordPress Plugin event-registration 6.02.02: SQL-Injection and persistent XSS Discovery Date: 2016/03/13 Public Disclosure Date: 2016/05/09 Exploit Author: Michael Helwig Contact: https://twitter.com/c0dmtr1x | https://codemetrix.net Vendor Homepage: http://wpeventregister.com/...

0.1AI score
Exploits0
Patchstack
Patchstack
added 2011/09/09 12:0 a.m.16 views

WordPress Event Registration Plugin <= 5.44 - SQL Injection

Event Registration plugin is prone to an SQL injection. This vulnerability allows an attacker to modify data, alter queries to the application SQL database, compromise the access and application or exploit hidden vulnerabilities in the underlying database. Solution Update the plugin...

7.5CVSS3.2AI score0.02764EPSS
Exploits1References1Affected Software1
Packet Storm
Packet Storm
added 2011/08/30 12:0 a.m.18 views

WordPress Event Registration 5.4.3 SQL Injection

Exploit Title: WordPress Event Registration plugin 1,BENCHMARK5000000,MD5CHAR115,113,108,109,97,112,0--%20 --------------- Vulnerable code --------------- $id= $REQUEST'id'; ... $sql = "SELECT FROM " . $eventsdetailtbl . " WHERE id='$id'"; $result = mysqlquery$sql;...

0.1AI score
Exploits0
Rows per page
Query Builder