cleantalk
Vulnerabilities and Security Researches

EventPrime – Events Calendar, Bookings and Tickets, CVE-2023-5238

CVE, Research URL

CVE-2023-5238

Home page URL

Security reports for EventPrime – Events Calendar, Bookings and Tickets

Application

EventPrime – Events Calendar, Bookings and Tickets

Published on
Oct 31, 2023
Research Description
The EventPrime WordPress plugin before 3.2.0 does not sanitise and escape a parameter before outputting it back in the page, leading to an HTML Injection on the plugin in the search area of the website.
Affected versions
max 3.3.3.
Status
vulnerable
Previous vulnerability researches
EventPrime – Events Calendar, Bookings and Tickets (CVE-2024-9864) , May 07, 2025
EventPrime – Events Calendar, Bookings and Tickets (CVE-2024-8369) , Sep 11, 2024
EventPrime – Events Calendar, Bookings and Tickets (CVE-2026-25389) , Feb 27, 2026
EventPrime – Events Calendar, Bookings and Tickets (CVE-2024-47648) , Oct 03, 2024
EventPrime – Events Calendar, Bookings and Tickets (CVE-2024-4665) , May 19, 2025
New vulnerability
افزونه پیامک حرفه ای فراز اس ام اس (CVE-2025-68031) , Feb 28, 2026
iONE360 configurator (CVE-2025-15440) , Feb 28, 2026
ProfileGrid – User Profiles, Memberships, Groups and Communities (CVE-2025-13416) , Feb 28, 2026
Storyform (CVE-2025-53233) , Feb 28, 2026
افزونه پیامک ووکامرس Persian WooCommerce SMS (CVE-2026-22352) , Feb 28, 2026