cleantalk
Vulnerabilities and Security Researches

WP Event Aggregator: Import Eventbrite events, Meetup events, social events and any iCal Events into WordPress, CVE-2025-24700

CVE, Research URL

CVE-2025-24700

Home page URL

Security reports for WP Event Aggregator: Import Eventbrite events, Meetup events, social events and any iCal Events into WordPress

Application

WP Event Aggregator: Import Eventbrite events, Meetup events, social events and any iCal Events into WordPress

Published on
Feb 14, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xylus Themes WP Event Aggregator allows Reflected XSS. This issue affects WP Event Aggregator: from n/a through 1.8.2.
Affected versions
max 1.8.3.
Status
vulnerable
Previous vulnerability researches
WP Event Aggregator: Import Eventbrite events, Meetup events, social events and any iCal Events into WordPress (CVE-2024-38703) , Jul 14, 2024
WP Event Aggregator: Import Eventbrite events, Meetup events, social events and any iCal Events into WordPress (CVE-2025-24700) , Feb 13, 2025
WP Event Aggregator: Import Eventbrite events, Meetup events, social events and any iCal Events into WordPress (CVE-2024-31371) , Jun 06, 2024
WP Event Aggregator: Import Eventbrite events, Meetup events, social events and any iCal Events into WordPress (CVE-2026-1941) , Apr 15, 2026
New vulnerability
TalkJS (CVE-2026-1055) , Apr 16, 2026
News Element Elementor Blog Magazine (CVE-2026-2284) , Apr 16, 2026
WPNakama – Fast and Simple Project Management Tool (CVE-2026-2495) , Apr 16, 2026
Advanced Custom Fields (ACF) (CVE-2026-4812) , Apr 16, 2026
Paid Videochat Turnkey Site – HTML5 PPV Live Webcams (CVE-2025-8899) , Apr 16, 2026