VYPR
Vendor

Community Events Project

Products
3
CVEs
8
Across products
8
Status
Private

Products

3

Recent CVEs

8
  • CVE-2015-3313CriSep 7, 2017
    risk 0.67cvss 9.8epss 0.08

    SQL injection vulnerability in WordPress Community Events plugin before 1.4.

  • CVE-2026-32367CriMar 13, 2026
    risk 0.59cvss 9.1epss 0.00

    Improper Control of Generation of Code ('Code Injection') vulnerability in Yannick Lefebvre Modal Dialog modal-dialog allows Remote Code Inclusion.This issue affects Modal Dialog: from n/a through <= 3.5.16.

  • CVE-2024-6270Aug 5, 2024
    risk 0.00cvss epss 0.00

    The Community Events WordPress plugin before 1.5.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in…

  • CVE-2024-38711Jul 20, 2024
    risk 0.00cvss epss 0.00

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Yannick Lefebvre Link Library allows Reflected XSS.This issue affects Link Library: from n/a through 7.7.1.

  • CVE-2024-35687Jun 8, 2024
    risk 0.00cvss epss 0.00

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Yannick Lefebvre Link Library link-library allows Reflected XSS.This issue affects Link Library: from n/a through 7.6.3.

  • CVE-2023-31071Aug 17, 2023
    risk 0.00cvss epss 0.00

    Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Yannick Lefebvre Modal Dialog plugin <= 3.5.14 versions.

  • CVE-2023-24001Apr 6, 2023
    risk 0.00cvss epss 0.00

    Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Yannick Lefebvre Modal Dialog plugin <= 3.5.9 versions.

  • CVE-2022-44742Mar 23, 2023
    risk 0.00cvss epss 0.00

    Auth. (admin+) Stored Cross-Site Scripting vulnerability in Yannick Lefebvre Community Events plugin <= 1.4.8 versions.