cleantalk
Vulnerabilities and Security Researches

WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce, CVE-2021-24810

CVE, Research URL

CVE-2021-24810

Home page URL

Security reports for WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce

Application

WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce

Published on
Mar 07, 2022
Research Description
The WP Event Manager WordPress plugin before 3.1.23 does not escape some of its Field Editor settings when outputting them, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
Affected versions
Min -, max 3.1.23.
Status
vulnerable
Previous vulnerability researches
WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce (CVE-2023-4423) , Jun 07, 2024
WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce (CVE-2021-24810) , Jun 07, 2024
WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce (CVE-2023-47697) , Jun 07, 2024
WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce (CVE-2022-1474) , Jun 07, 2024
WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce (CVE-2024-0976) , Jun 07, 2024
New vulnerability
Free Booking Plugin for Hotels, Restaurant and Car Rental – eaSYNC (CVE-2025-4691) , Jun 04, 2025
WP-Optimize – Cache, Compress images, Minify & Clean database to boost page speed & performance (CVE-2025-3951) , Jun 04, 2025
Year Make Model Search for WooCommerce (CVE-2025-48265) , Jun 04, 2025
Broadcast Live Video – Live Streaming : HTML5, WebRTC, HLS, RTSP, RTMP (CVE-2025-48255) , Jun 04, 2025
Real Cookie Banner: GDPR & ePrivacy Cookie Consent (CVE-2025-1485) , Jun 04, 2025