Pixelite

Events Manager

28 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2025-6976

  • EPSS 0.05%
  • Veröffentlicht 09.07.2025 22:22:47
  • Zuletzt bearbeitet 11.07.2025 17:26:52

The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 7.0.3 due to insufficient input sanitization and output e...

6.1

CVE-2025-6975

  • EPSS 0.12%
  • Veröffentlicht 09.07.2025 22:22:47
  • Zuletzt bearbeitet 11.07.2025 17:27:10

The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘calendar_header’ parameter in all versions up to, and including, 7.0.3 due to insufficient input sanitization an...

7.5

CVE-2025-6970

  • EPSS 32.53%
  • Veröffentlicht 09.07.2025 22:22:46
  • Zuletzt bearbeitet 11.07.2025 17:27:31

The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’ parameter in all versions up to, and including, 7.0.3 due to insufficient escaping on the user supplied param...

5.3

CVE-2025-1249

  • EPSS 0.12%
  • Veröffentlicht 26.02.2025 15:15:24
  • Zuletzt bearbeitet 26.02.2025 15:15:24

Missing Authorization vulnerability in Pixelite Events Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Events Manager: from n/a through 6.6.4.1.

7.5

CVE-2024-11260

  • EPSS 0.48%
  • Veröffentlicht 21.02.2025 06:15:20
  • Zuletzt bearbeitet 25.02.2025 03:36:24

The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to time-based SQL Injection via the active_status parameter in all versions up to, and including, 6.6.3 due to insufficient escaping on the user supplied p...

6.1

CVE-2024-5889

  • EPSS 1.3%
  • Veröffentlicht 29.06.2024 05:15:03
  • Zuletzt bearbeitet 21.11.2024 09:48:31

The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘country’ parameter in all versions up to, and including, 6.4.8 due to insufficient input sanitization and output...

5.4

CVE-2024-3492

  • EPSS 0.31%
  • Veröffentlicht 12.06.2024 11:15:50
  • Zuletzt bearbeitet 15.01.2025 17:33:15

The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'event', 'location', and 'event_category' shortcodes in all versions up to, and including, 6.4.7.3 due to i...

8.8

CVE-2024-30515

  • EPSS 0.22%
  • Veröffentlicht 09.06.2024 11:15:52
  • Zuletzt bearbeitet 21.11.2024 09:12:04

Missing Authorization vulnerability in Pixelite Events Manager.This issue affects Events Manager: from n/a through 6.4.6.4.

4.3

CVE-2024-30421

  • EPSS 0.16%
  • Veröffentlicht 28.03.2024 09:15:08
  • Zuletzt bearbeitet 21.11.2024 09:11:53

Cross-Site Request Forgery (CSRF) vulnerability in Pixelite Events Manager.This issue affects Events Manager: from n/a through 6.4.7.1.

5.4

CVE-2024-2111

  • EPSS 0.13%
  • Veröffentlicht 28.03.2024 02:15:10
  • Zuletzt bearbeitet 08.01.2025 18:23:37

The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the physical location value in all versions up to, and including, 6.4.7.1 due to insufficient input sanitization and out...