Medium severity5.4NVD Advisory· Published Oct 16, 2019· Updated Jun 17, 2026
CVE-2019-16523
CVE-2019-16523
Description
The events-manager plugin through 5.9.5 for WordPress (aka Events Manager) is susceptible to Stored XSS due to improper encoding and insertion of data provided to the attribute map_style of shortcodes (locations_map and events_map) provided by the plugin.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/events-manager plugindescription
- Range: <=5.9.5
Patches
Vulnerability mechanics
References
4- www.openwall.com/lists/oss-security/2019/10/16/4nvdExploitMailing ListThird Party Advisory
- github.com/sbaresearch/advisories/tree/public/2019/SBA-ADV-20190913-03_WordPress_Plugin_Events_ManagernvdExploitThird Party Advisory
- wordpress.org/plugins/events-manager/nvdProductThird Party Advisory
- wpvulndb.com/vulnerabilities/9916nvdThird Party Advisory
News mentions
0No linked articles in our index yet.