Vulnerabilities > Pixelite > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-08-13 CVE-2015-9300 Cross-site Scripting vulnerability in Pixelite Events Manager
The events-manager plugin before 5.5.7 for WordPress has multiple XSS issues.
network
low complexity
pixelite CWE-79
6.1
2019-08-13 CVE-2015-9299 Cross-site Scripting vulnerability in Pixelite Events Manager
The events-manager plugin before 5.5.7.1 for WordPress has DOM XSS.
network
low complexity
pixelite CWE-79
6.1
2019-08-13 CVE-2015-9297 Cross-site Scripting vulnerability in Pixelite Events Manager
The events-manager plugin before 5.6 for WordPress has XSS.
network
low complexity
pixelite CWE-79
6.1
2019-04-12 CVE-2018-13137 Cross-site Scripting vulnerability in Pixelite Events Manager 5.9.4
The Events Manager plugin 5.9.4 for WordPress has XSS via the dbem_event_reapproved_email_body parameter to the wp-admin/edit.php?post_type=event&page=events-manager-options URI.
network
low complexity
pixelite CWE-79
4.8
2018-05-14 CVE-2018-0576 Cross-site Scripting vulnerability in Pixelite Events Manager
Cross-site scripting vulnerability in Events Manager plugin prior to version 5.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
low complexity
pixelite CWE-79
5.4
2018-03-26 CVE-2018-9020 Cross-site Scripting vulnerability in Pixelite Events Manager
The Events Manager plugin before 5.8.1.2 for WordPress allows XSS via the events-manager.js mapTitle parameter in the Google Maps miniature.
network
low complexity
pixelite CWE-79
5.4