Netweblogic Events Manager – Calendar, Bookings, Tickets, And More!
12 CVEs affecting Netweblogic Events Manager – Calendar, Bookings, Tickets, And More!. Latest disclosed: 2025-12-18. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-6970 | High | 7.5 | 2025-07-09 | The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’ parameter in all v… |
CVE-2024-11260 | High | 7.5 | 2025-02-21 | The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to time-based SQL Injection via the active_status parameter in a… |
CVE-2025-12976 | Medium | 6.4 | 2025-12-18 | The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'events_list_gro… |
CVE-2025-6976 | Medium | 6.4 | 2025-07-09 | The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in a… |
CVE-2024-3492 | Medium | 6.4 | 2024-06-12 | The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'event', 'locati… |
CVE-2024-2111 | Medium | 6.4 | 2024-03-28 | The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the physical location value i… |
CVE-2025-6975 | Medium | 6.1 | 2025-07-09 | The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘calendar_header’ para… |
CVE-2024-5889 | Medium | 6.1 | 2024-06-29 | The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘country’ parameter in… |
CVE-2025-12408 | Medium | 5.3 | 2025-12-12 | The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 7… |
CVE-2024-0614 | Medium | 4.4 | 2024-03-13 | The Events Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 6.4.6.4 due to in… |
CVE-2025-12407 | Medium | 4.3 | 2025-12-12 | The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and includi… |
CVE-2024-2110 | Medium | 4.3 | 2024-03-28 | The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and includi… |