Vulnerabilities and security researches forevents-manager events-manager

Direction: ascending

Jun 07, 2024

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2019-16523

CVE, Research URL: CVE-2019-16523
Home page URL: Security reports for Events Manager – Calendar, Bookings, Tickets, and more!
Application: Events Manager – Calendar, Bookings, Tickets, and more!
Date: Oct 16, 2019
Research Description: The events-manager plugin through 5.9.5 for WordPress (aka Events Manager) is susceptible to Stored XSS due to improper encoding and insertion of data provided to the attribute map_style of shortcodes (locations_map and events_map) provided by the plugin.
Affected versions: Min -, max -.
Status: vulnerable

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2013-7479

CVE, Research URL: CVE-2013-7479
Home page URL: Security reports for Events Manager – Calendar, Bookings, Tickets, and more!
Application: Events Manager – Calendar, Bookings, Tickets, and more!
Date: Aug 22, 2019
Research Description: The events-manager plugin before 5.3.9 for WordPress has XSS in the search form field.
Affected versions: Min -, max -.
Status: vulnerable

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2013-7480

CVE, Research URL: CVE-2013-7480
Home page URL: Security reports for Events Manager – Calendar, Bookings, Tickets, and more!
Application: Events Manager – Calendar, Bookings, Tickets, and more!
Date: Aug 22, 2019
Research Description: The events-manager plugin before 5.3.6.1 for WordPress has XSS via the booking form and admin areas.
Affected versions: Min -, max -.
Status: vulnerable

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2012-6716

CVE, Research URL: CVE-2012-6716
Home page URL: Security reports for Events Manager – Calendar, Bookings, Tickets, and more!
Application: Events Manager – Calendar, Bookings, Tickets, and more!
Date: Aug 22, 2019
Research Description: The events-manager plugin before 5.1.7 for WordPress has XSS via JSON call links.
Affected versions: Min -, max -.
Status: vulnerable

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2015-9298

CVE, Research URL: CVE-2015-9298
Home page URL: Security reports for Events Manager – Calendar, Bookings, Tickets, and more!
Application: Events Manager – Calendar, Bookings, Tickets, and more!
Date: Aug 13, 2019
Research Description: The events-manager plugin before 5.6 for WordPress has code injection.
Affected versions: Min -, max -.
Status: vulnerable

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2015-9299

CVE, Research URL: CVE-2015-9299
Home page URL: Security reports for Events Manager – Calendar, Bookings, Tickets, and more!
Application: Events Manager – Calendar, Bookings, Tickets, and more!
Date: Aug 13, 2019
Research Description: The events-manager plugin before 5.5.7.1 for WordPress has DOM XSS.
Affected versions: Min -, max -.
Status: vulnerable

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2020-35012

CVE, Research URL: CVE-2020-35012
Home page URL: Security reports for Events Manager – Calendar, Bookings, Tickets, and more!
Application: Events Manager – Calendar, Bookings, Tickets, and more!
Date: Dec 02, 2021
Research Description: The Events Manager WordPress plugin before 5.9.8 does not sanitise and escape a parameter before using it in a SQL statement, leading to an SQL Injection
Affected versions: Min -, max -.
Status: vulnerable

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2020-35037

CVE, Research URL: CVE-2020-35037
Home page URL: Security reports for Events Manager – Calendar, Bookings, Tickets, and more!
Application: Events Manager – Calendar, Bookings, Tickets, and more!
Date: Dec 02, 2021
Research Description: The Events Manager WordPress plugin before 5.9.8 does not sanitise and escape some search parameter before outputing them in pages, which could lead to Cross-Site Scripting issues
Affected versions: Min -, max -.
Status: vulnerable

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2013-7477

CVE, Research URL: CVE-2013-7477
Home page URL: Security reports for Events Manager – Calendar, Bookings, Tickets, and more!
Application: Events Manager – Calendar, Bookings, Tickets, and more!
Date: Aug 22, 2019
Research Description: The events-manager plugin before 5.5.2 for WordPress has XSS in the booking form.
Affected versions: Min -, max -.
Status: vulnerable

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2013-7478

CVE, Research URL: CVE-2013-7478
Home page URL: Security reports for Events Manager – Calendar, Bookings, Tickets, and more!
Application: Events Manager – Calendar, Bookings, Tickets, and more!
Date: Aug 22, 2019
Research Description: The events-manager plugin before 5.5 for WordPress has XSS via EM_Ticket::get_post.
Affected versions: Min -, max -.
Status: vulnerable

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2018-13137

CVE, Research URL: CVE-2018-13137
Home page URL: Security reports for Events Manager – Calendar, Bookings, Tickets, and more!
Application: Events Manager – Calendar, Bookings, Tickets, and more!
Date: Apr 12, 2019
Research Description: The Events Manager plugin 5.9.4 for WordPress has XSS via the dbem_event_reapproved_email_body parameter to the wp-admin/edit.php?post_type=event&page=events-manager-options URI.
Affected versions: Min -, max -.
Status: vulnerable

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2018-0576

CVE, Research URL: CVE-2018-0576
Home page URL: Security reports for Events Manager – Calendar, Bookings, Tickets, and more!
Application: Events Manager – Calendar, Bookings, Tickets, and more!
Date: May 14, 2018
Research Description: Cross-site scripting vulnerability in Events Manager plugin prior to version 5.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Affected versions: Min -, max -.
Status: vulnerable

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2018-9020

CVE, Research URL: CVE-2018-9020
Home page URL: Security reports for Events Manager – Calendar, Bookings, Tickets, and more!
Application: Events Manager – Calendar, Bookings, Tickets, and more!
Date: Mar 26, 2018
Research Description: The Events Manager plugin before 5.8.1.2 for WordPress allows XSS via the events-manager.js mapTitle parameter in the Google Maps miniature.
Affected versions: Min -, max -.
Status: vulnerable

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2013-1407

CVE, Research URL: CVE-2013-1407
Home page URL: Security reports for Events Manager – Calendar, Bookings, Tickets, and more!
Application: Events Manager – Calendar, Bookings, Tickets, and more!
Date: May 13, 2014
Research Description: Multiple cross-site scripting (XSS) vulnerabilities in the Events Manager plugin before 5.3.5 and Events Manager Pro plugin before 2.2.9 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) scope parameter to index.php; (2) user_name, (3) dbem_phone, (4) user_email, or (5) booking_comment parameter to an event with registration enabled; or the (6) _wpnonce parameter to wp-admin/edit.php.
Affected versions: Min -, max -.
Status: vulnerable

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2015-9297

CVE, Research URL: CVE-2015-9297
Home page URL: Security reports for Events Manager – Calendar, Bookings, Tickets, and more!
Application: Events Manager – Calendar, Bookings, Tickets, and more!
Date: Aug 13, 2019
Research Description: The events-manager plugin before 5.6 for WordPress has XSS.
Affected versions: Min -, max -.
Status: vulnerable

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2015-9300

CVE, Research URL: CVE-2015-9300
Home page URL: Security reports for Events Manager – Calendar, Bookings, Tickets, and more!
Application: Events Manager – Calendar, Bookings, Tickets, and more!
Date: Aug 13, 2019
Research Description: The events-manager plugin before 5.5.7 for WordPress has multiple XSS issues.
Affected versions: Min -, max -.
Status: vulnerable

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2023-48326

CVE, Research URL: CVE-2023-48326
Home page URL: Security reports for Events Manager – Calendar, Bookings, Tickets, and more!
Application: Events Manager – Calendar, Bookings, Tickets, and more!
Date: Nov 30, 2023
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pixelite Events Manager allows Reflected XSS.This issue affects Events Manager: from n/a through 6.4.5.
Affected versions: Min -, max -.
Status: vulnerable

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2024-30515

CVE, Research URL: CVE-2024-30515
Home page URL: Security reports for Events Manager – Calendar, Bookings, Tickets, and more!
Application: Events Manager – Calendar, Bookings, Tickets, and more!
Date: Jun 09, 2024
Research Description: Missing Authorization vulnerability in Pixelite Events Manager.This issue affects Events Manager: from n/a through 6.4.6.4.
Affected versions: Min -, max -.
Status: vulnerable

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2024-0614

CVE, Research URL: CVE-2024-0614
Home page URL: Security reports for Events Manager – Calendar, Bookings, Tickets, and more!
Application: Events Manager – Calendar, Bookings, Tickets, and more!
Date: Mar 13, 2024
Research Description: The Events Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 6.4.6.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
Affected versions: Min -, max -.
Status: vulnerable

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2024-2110

CVE, Research URL: CVE-2024-2110
Home page URL: Security reports for Events Manager – Calendar, Bookings, Tickets, and more!
Application: Events Manager – Calendar, Bookings, Tickets, and more!
Date: Mar 28, 2024
Research Description: The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.4.7.1. This is due to missing or incorrect nonce validation on several actions. This makes it possible for unauthenticated attackers to modify booking statuses via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Affected versions: Min -, max -.
Status: vulnerable

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2024-2111

CVE, Research URL: CVE-2024-2111
Home page URL: Security reports for Events Manager – Calendar, Bookings, Tickets, and more!
Application: Events Manager – Calendar, Bookings, Tickets, and more!
Date: Mar 28, 2024
Research Description: The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the physical location value in all versions up to, and including, 6.4.7.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Affected versions: Min -, max -.
Status: vulnerable

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2024-30421

CVE, Research URL: CVE-2024-30421
Home page URL: Security reports for Events Manager – Calendar, Bookings, Tickets, and more!
Application: Events Manager – Calendar, Bookings, Tickets, and more!
Date: Mar 28, 2024
Research Description: Cross-Site Request Forgery (CSRF) vulnerability in Pixelite Events Manager.This issue affects Events Manager: from n/a through 6.4.7.1.
Affected versions: Min -, max -.
Status: vulnerable

Jun 13, 2024

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2024-3492

CVE, Research URL: CVE-2024-3492
Home page URL: Security reports for Events Manager – Calendar, Bookings, Tickets, and more!
Application: Events Manager – Calendar, Bookings, Tickets, and more!
Date: Jun 12, 2024
Research Description: The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'event', 'location', and 'event_category' shortcodes in all versions up to, and including, 6.4.7.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Affected versions: Min -, max -.
Status: vulnerable

Jun 30, 2024

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2024-5889

CVE, Research URL: CVE-2024-5889
Home page URL: Security reports for Events Manager – Calendar, Bookings, Tickets, and more!
Application: Events Manager – Calendar, Bookings, Tickets, and more!
Date: Jun 29, 2024
Research Description: The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘country’ parameter in all versions up to, and including, 6.4.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Affected versions: Min -, max -.
Status: vulnerable

Sep 05, 2024

Events Manager – Calendar, Bookings, Tickets, and more! # PSC-2024-64524

PSC, Research URL: PSC-2024-64524
Home page URL: Security reports for Events Manager – Calendar, Bookings, Tickets, and more!
Application: Events Manager – Calendar, Bookings, Tickets, and more!
Date: -
Research Description: The plugin is meticulously engineered to deliver reliability, scalability, and secure handling of user data. Recently, Events Manager has successfully undergone a rigorous security audit, earning the prestigious Plugin Security Certification (PSC) from CleanTalk, further solidifying its reputation as a secure solution for managing events on WordPress.
Affected versions: Min -, max -.
Status: SAFE & CERTIFIED

Feb 21, 2025

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2024-11260

CVE, Research URL: CVE-2024-11260
Home page URL: Security reports for Events Manager – Calendar, Bookings, Tickets, and more!
Application: Events Manager – Calendar, Bookings, Tickets, and more!
Date: Feb 21, 2025
Research Description: The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to time-based SQL Injection via the active_status parameter in all versions up to, and including, 6.6.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Affected versions: Min -, max -.
Status: vulnerable

Mar 05, 2025

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2025-1249

CVE, Research URL: CVE-2025-1249
Home page URL: Security reports for Events Manager – Calendar, Bookings, Tickets, and more!
Application: Events Manager – Calendar, Bookings, Tickets, and more!
Date: Feb 26, 2025
Research Description: Missing Authorization vulnerability in Pixelite Events Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Events Manager: from n/a through 6.6.4.1.
Affected versions: Min -, max -.
Status: vulnerable

Jul 12, 2025

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2025-6975

CVE, Research URL: CVE-2025-6975
Home page URL: Security reports for Events Manager – Calendar, Bookings, Tickets, and more!
Application: Events Manager – Calendar, Bookings, Tickets, and more!
Date: Jul 10, 2025
Research Description: The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘calendar_header’ parameter in all versions up to, and including, 7.0.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Affected versions: Min -, max -.
Status: vulnerable

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2025-6970

CVE, Research URL: CVE-2025-6970
Home page URL: Security reports for Events Manager – Calendar, Bookings, Tickets, and more!
Application: Events Manager – Calendar, Bookings, Tickets, and more!
Date: Jul 10, 2025
Research Description: The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’ parameter in all versions up to, and including, 7.0.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Affected versions: Min -, max -.
Status: vulnerable

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2025-6976

CVE, Research URL: CVE-2025-6976
Home page URL: Security reports for Events Manager – Calendar, Bookings, Tickets, and more!
Application: Events Manager – Calendar, Bookings, Tickets, and more!
Date: Jul 10, 2025
Research Description: The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 7.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Affected versions: Min -, max -.
Status: vulnerable

Vulnerabilities and security researches forevents-manager events-manager

Events Manager &#8211; Calendar, Bookings, Tickets, and more! # CVE-2019-16523

Events Manager &#8211; Calendar, Bookings, Tickets, and more! # CVE-2013-7479

Events Manager &#8211; Calendar, Bookings, Tickets, and more! # CVE-2013-7480

Events Manager &#8211; Calendar, Bookings, Tickets, and more! # CVE-2012-6716

Events Manager &#8211; Calendar, Bookings, Tickets, and more! # CVE-2015-9298

Events Manager &#8211; Calendar, Bookings, Tickets, and more! # CVE-2015-9299

Events Manager &#8211; Calendar, Bookings, Tickets, and more! # CVE-2020-35012

Events Manager &#8211; Calendar, Bookings, Tickets, and more! # CVE-2020-35037

Events Manager &#8211; Calendar, Bookings, Tickets, and more! # CVE-2013-7477

Events Manager &#8211; Calendar, Bookings, Tickets, and more! # CVE-2013-7478

Events Manager &#8211; Calendar, Bookings, Tickets, and more! # CVE-2018-13137

Events Manager &#8211; Calendar, Bookings, Tickets, and more! # CVE-2018-0576

Events Manager &#8211; Calendar, Bookings, Tickets, and more! # CVE-2018-9020

Events Manager &#8211; Calendar, Bookings, Tickets, and more! # CVE-2013-1407

Events Manager &#8211; Calendar, Bookings, Tickets, and more! # CVE-2015-9297

Events Manager &#8211; Calendar, Bookings, Tickets, and more! # CVE-2015-9300

Events Manager &#8211; Calendar, Bookings, Tickets, and more! # CVE-2023-48326

Events Manager &#8211; Calendar, Bookings, Tickets, and more! # CVE-2024-30515

Events Manager &#8211; Calendar, Bookings, Tickets, and more! # CVE-2024-0614

Events Manager &#8211; Calendar, Bookings, Tickets, and more! # CVE-2024-2110

Events Manager &#8211; Calendar, Bookings, Tickets, and more! # CVE-2024-2111

Events Manager &#8211; Calendar, Bookings, Tickets, and more! # CVE-2024-30421

Events Manager &#8211; Calendar, Bookings, Tickets, and more! # CVE-2024-3492

Events Manager &#8211; Calendar, Bookings, Tickets, and more! # CVE-2024-5889

Events Manager &#8211; Calendar, Bookings, Tickets, and more! # PSC-2024-64524

Events Manager &#8211; Calendar, Bookings, Tickets, and more! # CVE-2024-11260

Events Manager &#8211; Calendar, Bookings, Tickets, and more! # CVE-2025-1249

Events Manager &#8211; Calendar, Bookings, Tickets, and more! # CVE-2025-6975

Events Manager &#8211; Calendar, Bookings, Tickets, and more! # CVE-2025-6970

Events Manager &#8211; Calendar, Bookings, Tickets, and more! # CVE-2025-6976

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2019-16523

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2013-7479

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2013-7480

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2012-6716

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2015-9298

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2015-9299

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2020-35012

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2020-35037

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2013-7477

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2013-7478

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2018-13137

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2018-0576

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2018-9020

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2013-1407

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2015-9297

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2015-9300

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2023-48326

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2024-30515

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2024-0614

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2024-2110

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2024-2111

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2024-30421

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2024-3492

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2024-5889

Events Manager – Calendar, Bookings, Tickets, and more! # PSC-2024-64524

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2024-11260

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2025-1249

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2025-6975

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2025-6970

Events Manager – Calendar, Bookings, Tickets, and more! # CVE-2025-6976