cleantalk
Vulnerabilities and Security Researches

WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce, CVE-2022-1474

CVE, Research URL

CVE-2022-1474

Home page URL

Security reports for WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce

Application

WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce

Published on
Jul 11, 2022
Research Description
The WP Event Manager WordPress plugin before 3.1.28 does not sanitise and escape its search before outputting it back in an attribute on the event dashboard, leading to a Reflected Cross-Site Scripting
Affected versions
Min -, max 3.1.28.
Status
vulnerable
Previous vulnerability researches
WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce (CVE-2023-4423) , Jun 07, 2024
WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce (CVE-2021-24810) , Jun 07, 2024
WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce (CVE-2023-47697) , Jun 07, 2024
WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce (CVE-2022-1474) , Jun 07, 2024
WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce (CVE-2024-0976) , Jun 07, 2024
New vulnerability
Free Booking Plugin for Hotels, Restaurant and Car Rental – eaSYNC (CVE-2025-4691) , Jun 04, 2025
WP-Optimize – Cache, Compress images, Minify & Clean database to boost page speed & performance (CVE-2025-3951) , Jun 04, 2025
Year Make Model Search for WooCommerce (CVE-2025-48265) , Jun 04, 2025
Broadcast Live Video – Live Streaming : HTML5, WebRTC, HLS, RTSP, RTMP (CVE-2025-48255) , Jun 04, 2025
Real Cookie Banner: GDPR & ePrivacy Cookie Consent (CVE-2025-1485) , Jun 04, 2025