Vulnerabilities > Pixelite > Events Manager > 6.5.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-21 | CVE-2024-11260 | SQL Injection vulnerability in Pixelite Events Manager The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to time-based SQL Injection via the active_status parameter in all versions up to, and including, 6.6.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 7.5 |