CVEs (4)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Fullworksplugins 1Quick Event Manager Jun 17, 2026 Apr 6, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Quick Event Manager plugin <= 9.7.4 versions. |
1Fullworksplugins 1Quick Event Manager Jun 17, 2026 Mar 28, 2023 N/A· v4 4.8 MEDIUM· v3 N/A· v2 Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Quick Event Manager plugin <= 9.6.4 versions. |
1Fullworksplugins 1Quick Event Manager Jun 17, 2026 Mar 1, 2023 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Fullworks Quick Event Manager plugin <= 9.7.4 affecting all registration actions (delete, delete all, edit, update). |
1Fullworksplugins 1Quick Event Manager Jun 17, 2026 Jan 20, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 The Quick Event Manager WordPress Plugin, version < 9.7.5, is affected by a reflected cross-site scripting vulnerability in the 'category' parameter of its 'qem_ajax_calendar' action. |