Fullworks — Vulnerabilities & Security Advisories 14

Browse all 14 CVE security advisories affecting Fullworks. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products Fullworks:Quick Paypal Payments Quick Event Manager Quick Contact Form Display Eventbrite Events Meet My Team (WordPress plugin)Simple Shortcode for Google Maps

CVE ID	Title	CVSS	Severity	Paused
CVE-2026-39535	WordPress Display Eventbrite Events plugin <= 6.5.6 - Broken Access Control vulnerability — Display Eventbrite EventsCWE-862	9.1^AI	Critical^AI	2026-04-08
CVE-2025-27003	WordPress Quick Paypal Payments Plugin <= 5.7.46 - Cross Site Request Forgery (CSRF) vulnerability — Quick Paypal PaymentsCWE-352	4.3	Medium	2025-09-05
CVE-2025-47510	WordPress Display Eventbrite Events plugin < 6.3 - Local File Inclusion Vulnerability — Display Eventbrite EventsCWE-98	7.5	High	2025-05-07
CVE-2023-25714	WordPress Quick Paypal Payments plugin <= 5.7.25 - Broken Access Control vulnerability — Quick Paypal PaymentsCWE-862	7.5	High	2024-12-09
CVE-2024-10621	Simple Shortcode for Google Maps <= 1.5.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Simple Shortcode for Google MapsCWE-80	6.4	Medium	2024-11-08
CVE-2023-23889	WordPress Quick Paypal Payments Plugin <= 5.7.25 is vulnerable to Cross Site Scripting (XSS) — Quick Paypal PaymentsCWE-79	6.5	Medium	2023-04-25
CVE-2022-47608	WordPress Quick Contact Form Plugin <= 8.0.3.1 is vulnerable to Cross Site Scripting (XSS) — Quick Contact FormCWE-79	5.9	Medium	2023-04-25
CVE-2023-25713	WordPress Quick Paypal Payments Plugin <= 5.7.25 is vulnerable to Cross Site Scripting (XSS) — Quick Paypal PaymentsCWE-79	7.1	High	2023-04-07
CVE-2023-25702	WordPress Quick Paypal Payments Plugin <= 5.7.25 is vulnerable to Cross Site Scripting (XSS) — Quick Paypal PaymentsCWE-79	5.9	Medium	2023-04-07
CVE-2023-23885	WordPress Quick Contact Form Plugin <= 8.0.3.1 is vulnerable to Cross Site Scripting (XSS) — Quick Contact FormCWE-79	6.5	Medium	2023-04-07
CVE-2023-23979	WordPress Quick Event Manager Plugin <= 9.7.4 is vulnerable to Cross Site Scripting (XSS) — Quick Event ManagerCWE-79	7.1	High	2023-04-06
CVE-2022-46863	WordPress Quick Event Manager Plugin <= 9.6.4 is vulnerable to Cross Site Scripting (XSS) — Quick Event ManagerCWE-79	5.9	Medium	2023-03-28
CVE-2023-23974	WordPress Quick Event Manager Plugin <= 9.7.4 is vulnerable to Cross Site Request Forgery (CSRF) — Quick Event ManagerCWE-352	5.4	Medium	2023-03-01
CVE-2022-37339	WordPress Meet My Team plugin <= 2.0.5 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability — Meet My Team (WordPress plugin)CWE-79	4.1	Medium	2022-09-23

This page lists every published CVE security advisory associated with Fullworks. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Support Us — Your donation helps us keep running

Fullworks — Vulnerabilities & Security Advisories 14