cleantalk
Vulnerabilities and Security Researches

WP Event Aggregator: Import Eventbrite events, Meetup events, social events and any iCal Events into WordPress, CVE-2024-38703

CVE, Research URL

CVE-2024-38703

Home page URL

Security reports for WP Event Aggregator: Import Eventbrite events, Meetup events, social events and any iCal Events into WordPress

Application

WP Event Aggregator: Import Eventbrite events, Meetup events, social events and any iCal Events into WordPress

Published on
Jul 20, 2024
Research Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Xylus Themes WP Event Aggregator allows Stored XSS.This issue affects WP Event Aggregator: from n/a through 1.7.9.
Affected versions
max 1.8.0.
Status
vulnerable
Previous vulnerability researches
WP Event Aggregator: Import Eventbrite events, Meetup events, social events and any iCal Events into WordPress (CVE-2024-38703) , Jul 14, 2024
WP Event Aggregator: Import Eventbrite events, Meetup events, social events and any iCal Events into WordPress (CVE-2025-24700) , Feb 13, 2025
WP Event Aggregator: Import Eventbrite events, Meetup events, social events and any iCal Events into WordPress (CVE-2024-31371) , Jun 06, 2024
WP Event Aggregator: Import Eventbrite events, Meetup events, social events and any iCal Events into WordPress (CVE-2026-1941) , Apr 15, 2026
New vulnerability
TalkJS (CVE-2026-1055) , Apr 16, 2026
News Element Elementor Blog Magazine (CVE-2026-2284) , Apr 16, 2026
WPNakama – Fast and Simple Project Management Tool (CVE-2026-2495) , Apr 16, 2026
Advanced Custom Fields (ACF) (CVE-2026-4812) , Apr 16, 2026
Paid Videochat Turnkey Site – HTML5 PPV Live Webcams (CVE-2025-8899) , Apr 16, 2026