cleantalk
Vulnerabilities and Security Researches

Events Manager – OpenStreetMaps, CVE-2025-58265

CVE, Research URL

CVE-2025-58265

Home page URL

Security reports for Events Manager – OpenStreetMaps

Application

Events Manager – OpenStreetMaps

Published on
Sep 23, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stonehenge Creations Events Manager – OpenStreetMaps allows Stored XSS. This issue affects Events Manager – OpenStreetMaps: from n/a through 4.2.1.
Affected versions
Min -, max 4.2.1.
Status
vulnerable
Previous vulnerability researches
WC Fields Factory (CVE-2023-0277) , Jun 07, 2024
WC Fields Factory (6cc027737736ffa5a4ad7d18f7aacab3368b4dae) , Jun 07, 2024
New vulnerability
FAQ / Accordion / Docs – Helpie WordPress FAQ Accordion plugin (CVE-2025-58659) , Sep 27, 2025
Events Manager – OpenStreetMaps (CVE-2025-58265) , Sep 27, 2025
SAPO Feed (CVE-2025-53462) , Sep 27, 2025
Estonian Shipping Methods for WooCommerce (CVE-2025-58656) , Sep 27, 2025
Casengo Live Chat Support (CVE-2025-58688) , Sep 27, 2025