cleantalk
Vulnerabilities and Security Researches

Event post, CVE-2025-26923

CVE, Research URL

CVE-2025-26923

Home page URL

Security reports for Event post

Application

Event post

Published on
Mar 26, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bastien Ho Event post allows Stored XSS.This issue affects Event post: from n/a through 5.9.8.
Affected versions
max 5.9.9.
Status
vulnerable
Previous vulnerability researches
Event post (CVE-2025-62042) , Nov 10, 2025
Event post (CVE-2024-1375) , Jul 13, 2024
Event post (CVE-2024-38735) , Jul 23, 2024
Event post (CVE-2025-26923) , Mar 19, 2025
Event post (CVE-2025-2167) , Mar 26, 2025
New vulnerability
Recipe Card Blocks for Gutenberg & Elementor – Best WordPress Recipe Plugin (CVE-2025-62019) , Nov 11, 2025
Premmerce Product Search for WooCommerce (CVE-2025-64289) , Nov 11, 2025
Premmerce Product Search for WooCommerce (CVE-2025-64290) , Nov 11, 2025
Premmerce Product Search for WooCommerce (CVE-2025-60194) , Nov 11, 2025
WPC Smart Quick View for WooCommerce (CVE-2025-11741) , Nov 11, 2025