CVE-2023-47697

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-47697

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-47697.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-47697

Published

2023-11-13T23:15:08Z

Modified

2025-10-16T10:15:35.682479Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WP Event Manager WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce plugin <= 3.1.39 versions.

References

https://patchstack.com/database/vulnerability/wp-event-manager/wordpress-wp-event-manager-plugin-3-1-39-cross-site-scripting-xss-vulnerability?_s_id=cve

Affected packages

Git / github.com/wpeventmanager/wp-event-manager

Affected ranges

Type: GIT
Repo: https://github.com/wpeventmanager/wp-event-manager
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

191a4e5f5bbf487be02bd8b735f60f6f755d1970

Affected versions

3.*

3.1.14

3.1.15

3.1.16

3.1.17

3.1.18

3.1.19

3.1.20

3.1.21

3.1.23

3.1.24

3.1.25

3.1.26

3.1.27

3.1.28

3.1.29

3.1.30

3.1.31

3.1.32

3.1.33

3.1.34

3.1.35

3.1.37

3.1.37.1

3.1.38

3.1.39