cleantalk
Vulnerabilities and Security Researches

Eventbee RSVP Widget, CVE-2025-31838

CVE, Research URL

CVE-2025-31838

Home page URL

Security reports for Eventbee RSVP Widget

Application

Eventbee RSVP Widget

Published on
Apr 01, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eventbee Eventbee RSVP Widget allows DOM-Based XSS. This issue affects Eventbee RSVP Widget: from n/a through 1.0.
Affected versions
max 1.0.
Status
vulnerable
Previous vulnerability researches
Eventbee RSVP Widget (CVE-2025-31838) , Apr 04, 2025
New vulnerability
Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin (CVE-2026-7493) , May 27, 2026
RSVP and Event Management Plugin (CVE-2026-27398) , May 27, 2026
B2BKing — Ultimate WooCommerce Wholesale and B2B Solution — Wholesale Order Form, Catalog Mode, Dynamic Pricing & More (CVE-2026-27346) , May 27, 2026
GamiPress – The #1 gamification plugin to reward points, achievements, badges & ranks in WordPress (CVE-2026-24546) , May 27, 2026
WP Activity Log (CVE-2026-45435) , May 26, 2026