cleantalk
Vulnerabilities and Security Researches

Events Maker by dFactory, CVE-2025-62941

CVE, Research URL

CVE-2025-62941

Home page URL

Security reports for Events Maker by dFactory

Application

Events Maker by dFactory

Published on
Oct 27, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dFactory Events Maker by dFactory events-maker allows Stored XSS.This issue affects Events Maker by dFactory: from n/a through <= 1.6.14.
Affected versions
max 1.6.14.
Status
vulnerable
Previous vulnerability researches
GenerateBlocks (CVE-2024-13546) , Mar 01, 2025
GenerateBlocks (CVE-2024-1452) , Jun 06, 2024
GenerateBlocks (CVE-2021-24751) , Jun 06, 2024
GenerateBlocks (CVE-2025-11879) , Nov 10, 2025
New vulnerability
Custom CSS (CVE-2025-48096) , Nov 10, 2025
Task Scheduler (CVE-2025-10056) , Nov 10, 2025
Links shortcode (CVE-2025-62898) , Nov 10, 2025
Password only login (CVE-2025-48093) , Nov 10, 2025
AI Engine (CVE-2025-11749) , Nov 10, 2025