Approved changes feed: RSS · Atom

cpe:2.3:a:presstigers:simple_event_planner_(wordpress_plugin):*:*:*:*:*:*:*:*

part: a version: * update: *

VendorPresstigers (1cb21d96-6088-5991-8415-d9f9b208dc72)
ProductSimple Event Planner (Wordpress Plugin) (2ec4ef46-2ad5-574d-ae0f-7a120b706a4d)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2022-25612 vulnerable 2026-06-08 05:41:46.050145 WordPress Simple Event Planner plugin <= 1.5.4 - Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities
MEDIUM (4.1)
Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities in Simple Event Planner WordPress plugin <= 1.5.4 allows user with author or higher user rights inject the malicious code via vulnerable parameters: &custom[event_organiser], &custom[organiser_email], &custom[organiser_contact].
Published: 2022-03-25T18:02:36.241Z
Updated: 2026-04-28T16:07:39.114Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-25611 vulnerable 2026-06-08 05:41:46.048718 WordPress Simple Event Planner plugin <= 1.5.4 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
MEDIUM (4.1)
Authenticated Stored Cross-Site Scripting (XSS) in Simple Event Planner plugin <= 1.5.4 allows attackers with contributor or higher user roles to inject the malicious script by using vulnerable parameter &custom[add_seg][].
Published: 2022-03-25T18:02:35.154Z
Updated: 2026-04-28T16:07:39.111Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.