The Event Koi Lite – Events Calendar, Event Management, RSVP, and Tickets plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.13.1 via the ge
The The Events Calendar plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 6.15.2 via the REST endpoint. This makes it possible for unauthenticated attack
The Events Calendar plugin for WordPress is vulnerable to information disclosure in versions up to, and including, 6.15.9. The sysinfo REST endpoint compares the provided key to the stored opt-in key
The EventPrime - Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.2.7.0 via the REST API. This makes i
The EventPrime – Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to unauthorized access to Private or Password-protected events due to missing authorization checks in all vers
The The Events Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Event Calendar Link Widget through the html_tag attribute in all versions up to, and including, 6.9.0
The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 7.2.2.2 via the 'get_location' action due t
The The Events Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via RSVP name field in all versions up to, and including, 6.6.3 due to insufficient input sanitization and out
The EventON Lite plugin for WordPress is vulnerable to Information Exposure in all versions less than, or equal to, 2.4.6 via the add_single_eventon and add_eventon shortcodes due to insufficient rest
The Add infos to the events calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'fuss' shortcode in all versions up to, and including, 1.4.1 due to insufficient
The Eventin – Events Calendar, Event Booking, Ticket & Registration (AI Powered) plugin for WordPress is vulnerable to unauthorized access of data due to a improper capability check on the get_item_pe
The The Events Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-date-*’ parameters in all versions up to, and including, 6.13.2 due to insufficient input saniti
The Modern Events Calendar Lite plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 7.21.9. This is due improper or insufficient validation of the id prope
The Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'event_desc' parameter in all versions up to, and including, 1.3.16 due to insufficient input sanitization and ou
The My Calendar – Accessible Event Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `template` attribute of the `[my_calendar_upcoming]` shortcode in all versions up t
The EventPrime – Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability checks on the export_submittion_attendees function
The Tickera – WordPress Event Ticketing plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 3.5.4.8 via the 'tickera_tickets_info' endpoint. This makes it
The Registrations for the Events Calendar WordPress plugin before 2.12.4 does not sanitise and escape some parameters when accepting event registrations, which could allow unauthenticated users to pe
The WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'events' shortcode in all versio
The EventPrime – Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via ticket names in all versions up to, and including, 4.0.4.7 due to insuffici
Page 1+ Next →