CVE-2025-3527 | EventON Pro Plugin up to 4.9.6 on WordPress Setting settings.js cross site scripting

Inserito da Angelo Barbosa | Mag 17, 2025 | CVE

A vulnerability classified as problematic was found in EventON Pro Plugin up to 4.9.6 on WordPress. This vulnerability affects unknown code in the library assets/lib/settings/settings.js of the component Setting Handler. The manipulation leads to cross site scripting.

This vulnerability was named CVE-2025-3527. The attack can be initiated remotely. There is no exploit available.

CVE-2025-3527 | EventON Pro Plugin up to 4.9.6 on WordPress Setting settings.js cross site scripting

Post correlati

CVE-2023-7092 | Uniway UW-302VP 2.0 Admin Web Interface wlan_basic_set.cgi wlanssid cross-site request forgery

CVE-2024-48706 | Collabtive 3.1 managemessage.php title cross site scripting

CVE-2024-23341 | TuiTse-TsuSin prior 1.3.2 tuitse_html cross site scripting

CVE-2024-29212 | Veeam Service Provider Console 8/up to 7 Management Agent deserialization (kb4575)