cleantalk
Vulnerabilities and Security Researches

The Events Calendar Shortcode & Block, CVE-2026-24988

CVE, Research URL

CVE-2026-24988

Home page URL

Security reports for The Events Calendar Shortcode & Block

Application

The Events Calendar Shortcode & Block

Published on
Feb 03, 2026
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brian Hogg The Events Calendar Shortcode &amp; Block the-events-calendar-shortcode allows Stored XSS.This issue affects The Events Calendar Shortcode &amp; Block: from n/a through <= 3.1.1.
Affected versions
max 3.1.1.
Status
vulnerable
Previous vulnerability researches
The Events Calendar Shortcode &amp; Block (CVE-2026-24988) , Feb 27, 2026
New vulnerability
Serious Slider (CVE-2026-25399) , Feb 28, 2026
Omnipress (CVE-2026-25432) , Feb 28, 2026
MDirector Newsletter (CVE-2025-14852) , Feb 28, 2026
Alma &#8211; Pay in installments or later for WooCommerce (CVE-2026-24999) , Feb 28, 2026
Visual Website Collaboration, Feedback &amp; Project Management &#8211; Atarim (CVE-2026-25019) , Feb 27, 2026