← Back

Simple Event Planner

simple_event_planner

Vendor: Presstigers • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-25612
1Presstigers
1Simple Event Planner
Jun 17, 2026
Mar 25, 2022
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities in Simple Event Planner WordPress plugin <= 1.5.4 allows user with author or higher user rights inject the malicious code via vulnerable parame...Show more
Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities in Simple Event Planner WordPress plugin <= 1.5.4 allows user with author or higher user rights inject the malicious code via vulnerable parameters: &custom[event_organiser], &custom[organiser_email], &custom[organiser_contact].Show less
CVE-2022-25611
1Presstigers
1Simple Event Planner
Jun 17, 2026
Mar 25, 2022
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
Authenticated Stored Cross-Site Scripting (XSS) in Simple Event Planner plugin <= 1.5.4 allows attackers with contributor or higher user roles to inject the malicious script by using vulnerable parameter &custom[add_seg]...Show more
Authenticated Stored Cross-Site Scripting (XSS) in Simple Event Planner plugin <= 1.5.4 allows attackers with contributor or higher user roles to inject the malicious script by using vulnerable parameter &custom[add_seg][].Show less