Medium severity4.8NVD Advisory· Published Apr 12, 2019· Updated Jun 17, 2026
CVE-2018-13137
CVE-2018-13137
Description
The Events Manager plugin 5.9.4 for WordPress has XSS via the dbem_event_reapproved_email_body parameter to the wp-admin/edit.php?post_type=event&page=events-manager-options URI.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2= 5.9.4+ 1 more
- (no CPE)range: = 5.9.4
- (no CPE)range: =5.9.4
Patches
Vulnerability mechanics
References
4- ansawaf.blogspot.com/2019/04/cve-2018-13137-xss-in-events-manager.htmlnvdExploitThird Party Advisory
- gist.github.com/ansarisec/12737c207c0851d52865ed60c08891b7nvdExploitThird Party Advisory
- wordpress.org/plugins/events-manager/nvdProductThird Party Advisory
- wpvulndb.com/vulnerabilities/9612nvd
News mentions
0No linked articles in our index yet.