80 matches found
WordPress Event Management Tickets Booking Plugin <= 1.3.4 is vulnerable to PHP Object Injection
Software Event Management Tickets Booking Type Plugin Vulnerable versions = 1.3.4 Fixed in 1.3.5 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-1895 Patch priority Medium CVSS severity Medium 7.4 Developer Claim ownership PSID d93e6770a231 Credits Francesco Carlucci...
WordPress Event Tickets Plugin <= 5.8.1 is vulnerable to Broken Access Control
Software Event Tickets Type Plugin Vulnerable versions = 5.8.1 Fixed in 5.8.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1053 Patch priority Low CVSS severity Low 4.3 Developer Liquid Web / StellarWP PSID ddaccf519ce9 Credits Muhammad Daffa Required...
WordPress Event Manager for WooCommerce Plugin <= 4.1.1 is vulnerable to PHP Object Injection
Software Event Manager for WooCommerce Type Plugin Vulnerable versions = 4.1.1 Fixed in 4.1.2 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-24796 Patch priority Medium CVSS severity Medium 8.2 Developer Claim ownership PSID e6a64198a3ef Credits Ngô Thiên An ancorn fr...
WordPress Plugin WP Event Manager Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress Event post Plugin <= 5.9.0 is vulnerable to Cross Site Scripting (XSS)
Software Event post Type Plugin Vulnerable versions = 5.9.0 Fixed in 5.9.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-49179 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 6e068d781f88 Credits thiennv Required privilege...
WordPress Plugin WP Event Manager Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
WordPress Event Tickets with Ticket Scanner Plugin < 1.5.5 is vulnerable to Cross Site Scripting (XSS)
Software Event Tickets with Ticket Scanner Type Plugin Vulnerable versions 1.5.5 Fixed in 1.5.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE N/A Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID daa37a82b56a Credits Unknown...
WordPress Event Tickets Plugin <= 5.5.11.1 is vulnerable to Cross Site Scripting (XSS)
Software Event Tickets Type Plugin Vulnerable versions = 5.5.11.1 Fixed in 5.6.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Liquid Web / StellarWP PSID b526dab2f64a Credits Rafie Muhammad Patchstack...
WordPress Event Manager for WooCommerce Plugin <= 3.9.5 is vulnerable to Cross Site Scripting (XSS)
Software Event Manager for WooCommerce Type Plugin Vulnerable versions = 3.9.5 Fixed in 3.9.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-36383 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 8cd145419482 Credits emad...
CVE-2022-47164 WordPress Event Manager for WooCommerce Plugin <= 3.7.7 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in MagePeople Team Event Manager and Tickets Selling Plugin for WooCommerce plugin = 3.7.7 versions...
CVE-2023-28422 WordPress Event Manager for WooCommerce Plugin <= 3.8.6 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-site Scripting XSS vulnerability in MagePeople Team Event Manager and Tickets Selling Plugin for WooCommerce = 3.8.6. versions...
WordPress Event Manager for WooCommerce Plugin <= 3.7.7 is vulnerable to Cross Site Request Forgery (CSRF)
Software Event Manager for WooCommerce Type Plugin Vulnerable versions = 3.7.7 Fixed in 3.7.8 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-47164 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID eb513352b8db Credits Istvá...
WordPress Event Manager for WooCommerce Plugin < 3.8.0 is vulnerable to Cross Site Scripting (XSS)
Software Event Manager for WooCommerce Type Plugin Vulnerable versions 3.8.0 Fixed in 3.8.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0144 Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSID 01bb06fcbc30 Credits Lana...
CVE-2022-29489 WordPress Sucuri Security plugin <= 1.8.33 - Cross-Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Sucuri Security plugin = 1.8.33 at WordPress leading to Event log entry creation...
WordPress Event Tickets 4.10.7.1 CSV Injection
Exploit Title: WordPress Plugin Event Tickets = 4.10.7.1 - CSV Injection Google Dork: inurl:"\wp-content\plugins\event-tickets" Date: 09-01-2019 Exploit Author: MTK http://mtk911.cf/ Vendor Homepage: https://tri.be/ Software Link: https://downloads.wordpress.org/plugin/event-tickets.4.10.7.1.zip...
RSVPMaker SQL Injection Vulnerability
RSVPMaker is a WordPress event scheduling and RSVP tracking plugin. A SQL injection vulnerability exists in RSVPMaker versions prior to 6.2. An attacker can exploit this vulnerability to obtain sensitive database information...
WordPress Event List Plugin <= 0.7.8 - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: WordPress Plugin Event List = 0.7.8 - SQL Injection Date: 04-06-2017 Exploit Author: Dimitrios Tsagkarakis Website: dtsa.eu Software Link: https://wordpress.org/plugins/event-list/ Version: 0.7.8 CVE : CVE-2017-9429 Category:...
WordPress Event Registration 6.02.02 XSS / SQL Injection
Exploit Title: WordPress Plugin event-registration 6.02.02: SQL-Injection and persistent XSS Discovery Date: 2016/03/13 Public Disclosure Date: 2016/05/09 Exploit Author: Michael Helwig Contact: https://twitter.com/c0dmtr1x | https://codemetrix.net Vendor Homepage: http://wpeventregister.com/...
WordPress Event Registration Plugin <= 5.44 - SQL Injection
Event Registration plugin is prone to an SQL injection. This vulnerability allows an attacker to modify data, alter queries to the application SQL database, compromise the access and application or exploit hidden vulnerabilities in the underlying database. Solution Update the plugin...
WordPress Event Registration 5.4.3 SQL Injection
Exploit Title: WordPress Event Registration plugin 1,BENCHMARK5000000,MD5CHAR115,113,108,109,97,112,0--%20 --------------- Vulnerable code --------------- $id= $REQUEST'id'; ... $sql = "SELECT FROM " . $eventsdetailtbl . " WHERE id='$id'"; $result = mysqlquery$sql;...