Log out
Get PRO

Latest

Input validation vulnerability in Event Manager and Tickets Selling Plugin for WooCommerce 3.8.6

  • Severity: medium-risk
  • Status: Fixed
  • Publication: March 20, 2023

The Event Manager for WooCommerce plugin for WordPress has a security issue that could allow someone with administrator-level access to inject malicious code into web pages. This malicious code would be executed every time someone visits one of the affected pages. Versions up to and including 3.8.6 of the plugin are vulnerable to this issue due to insufficient input sanitization and output escaping.

Detected in:

Event Booking & Management Plugin for WooCommerce fixed vulnerable versions:
Event Booking & Management Plugin for WooCommerce – WpEvently fixed vulnerable versions:
Event Booking & Management Plugin for WooCommerce – WpEvently – WordPress Plugin fixed vulnerable versions:
Event Booking Manager for WooCommerce – WpEvently fixed vulnerable versions:
Event Manager and Tickets Selling Plugin for WooCommerce fixed vulnerable versions: >= * <= 3.8.6
Event Manager and Tickets Selling Plugin for WooCommerce -WpEvently fixed vulnerable versions:
Event Manager and Tickets Selling Plugin for WooCommerce – WpEvently – WordPress Plugin fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.