Wp Event Manager Security Vulnerabilities and Issues — Wp Event Manager CVE List

Lucene search

Wp-eventmanagerWp Event Manager

4 matches found

CVE•added 2022/07/11 1:15 p.m.•56 views

CVE-2022-1474

The WP Event Manager WordPress plugin before 3.1.28 does not sanitise and escape its search before outputting it back in an attribute on the event dashboard, leading to a Reflected Cross-Site Scripting

6.1CVSS6AI score0.00144EPSS

CVE•added 2024/07/16 9:15 a.m.•47 views

CVE-2024-2691

The WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'events' shortcode in all versions up to, and including, 3.1.43 due to insufficient input sanitization and output escaping on user ...

6.4CVSS5.5AI score0.00105EPSS

CVE•added 2024/03/13 4:15 p.m.•38 views

CVE-2024-0976

The WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the plugin parameter in all versions up to, and including, 3.1.41 due to insufficient input sanitization and output escaping. This makes it p...

6.1CVSS6.4AI score0.011EPSS

CVE•added 2024/02/01 11:15 a.m.•32 views

CVE-2023-52118

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Event Manager WP User Profile Avatar allows Stored XSS.This issue affects WP User Profile Avatar: from n/a through 1.0.

6.5CVSS5.4AI score0.00077EPSS