CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2013-7477 – Events Manager <= 5.5.1 - Multiple Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2013-7477
The events-manager plugin before 5.5.2 for WordPress has XSS in the booking form. El plugin events-manager versiones anteriores a 5.5.2 para WordPress, presenta una vulnerabilidad de tipo XSS en el formulario de reserva. The Events Manager plugin for WordPress is vulnerable to Cross-Site Scripting in versions up to, and including, 5.5.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts that execute in a victim's browser. • https://wordpress.org/plugins/events-manager/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2013-7479 – Events Manager < 5.3.9 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2013-7479
The events-manager plugin before 5.3.9 for WordPress has XSS in the search form field. El plugin events-manager versiones anteriores a 5.3.9 para WordPress, presenta una vulnerabilidad de tipo XSS en el campo search form. • https://wordpress.org/plugins/events-manager/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2013-7478 – Events Manager < 5.5 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2013-7478
The events-manager plugin before 5.5 for WordPress has XSS via EM_Ticket::get_post. El plugin events-manager versiones anteriores a 5.5 para WordPress, presenta una vulnerabilidad de tipo XSS por medio de la función EM_Ticket::get_post. • https://wordpress.org/plugins/events-manager/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2013-7480 – Events Manager <= 5.3.6 - Multiple Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2013-7480
The events-manager plugin before 5.3.6.1 for WordPress has XSS via the booking form and admin areas. El plugin events-manager versiones anteriores a 5.3.6.1 para WordPress, presenta una vulnerabilidad de tipo XSS por medio del formulario de reserva y las áreas de administración. • https://wordpress.org/plugins/events-manager/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2012-6716 – Events Manager < 5.1.7 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2012-6716
The events-manager plugin before 5.1.7 for WordPress has XSS via JSON call links. El plugin de events-manager versiones anteriores a 5.1.7 para WordPress, presenta una vulnerabilidad de tipo XSS por medio de enlaces de llamadas JSON. The Events Manager plugin before 5.1.7 for WordPress has XSS via JSON call links. • https://wordpress.org/plugins/events-manager/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •