Product:

Events_manager

(Wp\-Events\-Plugin)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 15
Date Id Summary Products Score Patch Annotated
2023-11-30 CVE-2023-48326 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pixelite Events Manager allows Reflected XSS.This issue affects Events Manager: from n/a through 6.4.5. Events_manager 6.1
2019-08-13 CVE-2015-9297 The events-manager plugin before 5.6 for WordPress has XSS. Events_manager 6.1
2019-08-13 CVE-2015-9298 The events-manager plugin before 5.6 for WordPress has code injection. Events_manager 9.8
2021-12-01 CVE-2020-35037 The Events Manager WordPress plugin before 5.9.8 does not sanitise and escape some search parameter before outputing them in pages, which could lead to Cross-Site Scripting issues Events_manager 6.1
2021-12-01 CVE-2020-35012 The Events Manager WordPress plugin before 5.9.8 does not sanitise and escape a parameter before using it in a SQL statement, leading to an SQL Injection Events_manager 7.2
2018-05-14 CVE-2018-0576 Cross-site scripting vulnerability in Events Manager plugin prior to version 5.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Events_manager 5.4
2019-10-16 CVE-2019-16523 The events-manager plugin through 5.9.5 for WordPress (aka Events Manager) is susceptible to Stored XSS due to improper encoding and insertion of data provided to the attribute map_style of shortcodes (locations_map and events_map) provided by the plugin. Events_manager N/A
2019-08-22 CVE-2013-7480 The events-manager plugin before 5.3.6.1 for WordPress has XSS via the booking form and admin areas. Events_manager 6.1
2019-08-22 CVE-2013-7479 The events-manager plugin before 5.3.9 for WordPress has XSS in the search form field. Events_manager 6.1
2019-08-22 CVE-2013-7478 The events-manager plugin before 5.5 for WordPress has XSS via EM_Ticket::get_post. Events_manager 6.1