Vulnerabilities > Fullworksplugins > Quick Event Manager > 8.4.3

DATE CVE VULNERABILITY TITLE RISK
2023-04-06 CVE-2023-23979 Cross-site Scripting vulnerability in Fullworksplugins Quick Event Manager
Unauth.
network
low complexity
fullworksplugins CWE-79
6.1
6.1
2023-03-28 CVE-2022-46863 Cross-site Scripting vulnerability in Fullworksplugins Quick Event Manager
Auth.
network
low complexity
fullworksplugins CWE-79
4.8
4.8
2023-03-01 CVE-2023-23974 Cross-Site Request Forgery (CSRF) vulnerability in Fullworksplugins Quick Event Manager
Cross-Site Request Forgery (CSRF) vulnerability in Fullworks Quick Event Manager plugin <= 9.7.4 affecting all registration actions (delete, delete all, edit, update).
network
low complexity
fullworksplugins CWE-352
5.4
5.4
2023-01-20 CVE-2023-23491 Cross-site Scripting vulnerability in Fullworksplugins Quick Event Manager
The Quick Event Manager WordPress Plugin, version < 9.7.5, is affected by a reflected cross-site scripting vulnerability in the 'category' parameter of its 'qem_ajax_calendar' action.
network
low complexity
fullworksplugins CWE-79
6.1
6.1