Aggregates CVE and security vulnerability intelligence across all pixelite-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk cross-site scripting, vendor risk sql injection, and vendor risk csrf and related problems; some flaws may lead to vendor impact session compromise and vendor impact data exposure.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2012-6716 | The events-manager plugin before 5.1.7 for WordPress has XSS via JSON call links. | [email protected] | 6.1 | 0.91% | 2019-08-22 | 2026-06-16 |
| CVE-2015-9300 | The events-manager plugin before 5.5.7 for WordPress has multiple XSS issues. | [email protected] | 6.1 | 0.92% | 2019-08-13 | 2026-06-16 |
| CVE-2015-9299 | The events-manager plugin before 5.5.7.1 for WordPress has DOM XSS. | [email protected] | 6.1 | 0.92% | 2019-08-13 | 2026-06-16 |
| CVE-2015-9298 | The events-manager plugin before 5.6 for WordPress has code injection. | [email protected] | 9.8 | 2.10% | 2019-08-13 | 2026-06-16 |
| CVE-2015-9297 | The events-manager plugin before 5.6 for WordPress has XSS. | [email protected] | 6.1 | 0.92% | 2019-08-13 | 2026-06-16 |
| CVE-2018-13137 | The Events Manager plugin 5.9.4 for WordPress has XSS via the dbem_event_reapproved_email_body parameter to the wp-admin/edit.php?post_type=event&page=events-manager-options URI. | [email protected] | 4.8 | 1.21% | 2019-04-12 | 2026-06-16 |
| CVE-2018-0576 | Cross-site scripting vulnerability in Events Manager plugin prior to version 5.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | [email protected] | 5.4 | 1.52% | 2018-05-14 | 2026-06-16 |
| CVE-2018-9020 | The Events Manager plugin before 5.8.1.2 for WordPress allows XSS via the events-manager.js mapTitle parameter in the Google Maps miniature. | [email protected] | 5.4 | 1.06% | 2018-03-25 | 2026-06-16 |