GCVE - cpe:2.3:a:fullworks:quick_event_manager:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:fullworks:quick_event_manager:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Fullworks (`46451953-f05c-5f0a-aa80-4c29dd7c2b84`)
Product	Quick Event Manager (`abc8d4c7-6e4b-518a-b1a2-412bddeff612`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2023-23979`	vulnerable	2026-06-08 05:56:04.929507	WordPress Quick Event Manager Plugin <= 9.7.4 is vulnerable to Cross Site Scripting (XSS) HIGH (7.1) Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Quick Event Manager plugin <= 9.7.4 versions. Published: 2023-04-06T05:17:03.440Z Updated: 2026-04-28T16:08:04.479Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/quick-event-manager/wordpress-quick-event-manager-plugin-9-7-4-cross-site-scripting-xss?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-23975`	vulnerable	2026-06-08 05:56:04.915719	WordPress Quick Event Manager plugin <= 9.7.4 - Broken Access Control vulnerability MEDIUM (5.3) Missing Authorization vulnerability in Fullworks Quick Event Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Event Manager: from n/a through 9.7.4. Published: 2024-12-09T11:31:43.110Z Updated: 2026-04-28T16:08:04.271Z Open on db.gcve.eu Reference links https://patchstack.com/database/wordpress/plugin/quick-event-manager/vulnerability/wordpress-quick-event-manager-plugin-9-7-4-broken-access-control?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-23974`	vulnerable	2026-06-08 05:56:04.915105	WordPress Quick Event Manager Plugin <= 9.7.4 is vulnerable to Cross Site Request Forgery (CSRF) MEDIUM (5.4) Cross-Site Request Forgery (CSRF) vulnerability in Fullworks Quick Event Manager plugin <= 9.7.4 affecting all registration actions (delete, delete all, edit, update). Published: 2023-03-01T12:33:35.686Z Updated: 2026-04-28T16:08:04.219Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/quick-event-manager/wordpress-quick-event-manager-plugin-9-7-4-cross-site-request-forgery-csrf?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-46863`	vulnerable	2026-06-08 05:50:39.663699	WordPress Quick Event Manager Plugin <= 9.6.4 is vulnerable to Cross Site Scripting (XSS) MEDIUM (5.9) Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Quick Event Manager plugin <= 9.6.4 versions. Published: 2023-03-28T08:04:14.649Z Updated: 2026-04-28T16:07:56.147Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/quick-event-manager/wordpress-quick-event-manager-plugin-9-6-4-cross-site-scripting-xss?_s_id=cve	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.