VYPR

Quick Event Manager

by WordPress

Source repositories

CVEs (5)

  • CVE-2023-23979HigApr 6, 2023
    risk 0.46cvss 7.1epss 0.00

    Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Quick Event Manager plugin <= 9.7.4 versions.

  • CVE-2023-23491MedJan 20, 2023
    risk 0.40cvss 6.1epss 0.01

    The Quick Event Manager WordPress Plugin, version < 9.7.5, is affected by a reflected cross-site scripting vulnerability in the 'category' parameter of its 'qem_ajax_calendar' action.

  • CVE-2022-46863MedMar 28, 2023
    risk 0.38cvss 5.9epss 0.00

    Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Quick Event Manager plugin <= 9.6.4 versions.

  • CVE-2023-23975MedDec 9, 2024
    risk 0.35cvss 5.3epss 0.01

    Missing Authorization vulnerability in Fullworks Quick Event Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Event Manager: from n/a through 9.7.4.

  • CVE-2023-23974MedMar 1, 2023
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in Fullworks Quick Event Manager plugin <= 9.7.4 affecting all registration actions (delete, delete all, edit, update).