10 matches found
CVE-2019-16523
The events-manager plugin through 5.9.5 for WordPress (aka Events Manager) is susceptible to Stored XSS due to improper encoding and insertion of data provided to the attribute map_style of shortcodes (locations_map and events_map) provided by the plugin.
CVE-2015-9297
The events-manager plugin before 5.6 for WordPress has XSS.
CVE-2015-9298
The events-manager plugin before 5.6 for WordPress has code injection.
CVE-2015-9299
The events-manager plugin before 5.5.7.1 for WordPress has DOM XSS.
CVE-2013-7477
The events-manager plugin before 5.5.2 for WordPress has XSS in the booking form.
CVE-2012-6716
The events-manager plugin before 5.1.7 for WordPress has XSS via JSON call links.
CVE-2015-9300
The events-manager plugin before 5.5.7 for WordPress has multiple XSS issues.
CVE-2013-7479
The events-manager plugin before 5.3.9 for WordPress has XSS in the search form field.
CVE-2013-7478
The events-manager plugin before 5.5 for WordPress has XSS via EM_Ticket::get_post.
CVE-2013-7480
The events-manager plugin before 5.3.6.1 for WordPress has XSS via the booking form and admin areas.