← Back

Quick Event Manager

quick_event_manager

Vendor: Fullworksplugins • 4 CVEs

CVEs (4)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
1Fullworksplugins
1Quick Event Manager
Jun 17, 2026
Apr 6, 2023
N/A· v4
6.1 MEDIUM· v3
N/A· v2
Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Quick Event Manager plugin <= 9.7.4 versions.
1Fullworksplugins
1Quick Event Manager
Jun 17, 2026
Mar 28, 2023
N/A· v4
4.8 MEDIUM· v3
N/A· v2
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Quick Event Manager plugin <= 9.6.4 versions.
1Fullworksplugins
1Quick Event Manager
Jun 17, 2026
Mar 1, 2023
N/A· v4
5.4 MEDIUM· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Fullworks Quick Event Manager plugin <= 9.7.4 affecting all registration actions (delete, delete all, edit, update).
1Fullworksplugins
1Quick Event Manager
Jun 17, 2026
Jan 20, 2023
N/A· v4
6.1 MEDIUM· v3
N/A· v2
The Quick Event Manager WordPress Plugin, version < 9.7.5, is affected by a reflected cross-site scripting vulnerability in the 'category' parameter of its 'qem_ajax_calendar' action.