CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Eventespresso: >> Event Espresso >> 3.1.37.11.l Security Vulnerabilities

CVE-2020-26153

A cross-site scripting (XSS) vulnerability in wp-content/plugins/event-espresso-core-reg/admin_pages/messages/templates/ee_msg_admin_overview.template.php in the Event Espresso Core plugin before 4.10.7.p for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter.

CVSS Score

6.1

EPSS Score

0.346

Published

2021-07-13

CVE-2017-1002026

Vulnerability in wordpress plugin Event Expresso Free v3.1.37.11.L, The function edit_event_category does not sanitize user-supplied input via the $id parameter before passing it into an SQL statement.

CVSS Score

8.8

EPSS Score

0.009

Published

2017-09-14

Page 1

Vulnerabilities

Vulnerable Software

Eventespresso: >> Event Espresso >> 3.1.37.11.l Security Vulnerabilities

Products

Pricing

Contact Us