VYPR

Eventbee Ticketing Widget

by WordPress

CVEs (1)

  • CVE-2025-11856MedNov 11, 2025
    risk 0.42cvss 6.4epss 0.00

    The Eventbee Ticketing Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'eventbeeticketwidget' shortcode in all versions up to, and including, 1.0. This is due to the plugin not properly sanitizing user input and output of several parameters. This…