Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

netweblogic — Vulnerabilities & Security Advisories 14

Browse all 14 CVE security advisories affecting netweblogic. AI-powered Chinese analysis, POCs, and references for each vulnerability.

NetWebLogic is an enterprise web application server primarily used for developing, deploying, and managing Java-based enterprise applications. Historically, it has been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insecure default configurations, deserialization flaws, and improper access controls. The platform has faced multiple high-profile security incidents, including several critical vulnerabilities that allowed unauthenticated attackers to take complete control of affected systems. With 14 CVEs on record, NetWebLogic remains a high-value target for attackers, requiring diligent patch management and hardening to mitigate risks.

Top products by netweblogic: Events Manager – Calendar, Bookings, Tickets, and more! Events Manager Meta Tag Manager
CVE IDTitleCVSSSeverityPublished
CVE-2025-12976 Events Manager <= 7.2.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'events_list_grouped' Shortcode — Events Manager – Calendar, Bookings, Tickets, and more!CWE-79 6.4 Medium2025-12-18
CVE-2025-12408 Events Manager <= 7.2.2.2 - Unauthenticated Information Exposure — Events Manager – Calendar, Bookings, Tickets, and more!CWE-200 5.3 Medium2025-12-12
CVE-2025-12407 Events Manager – Calendar, Bookings, Tickets, and more! <= 7.2.2.2 - Cross-Site Request Forgery to Location Deletion — Events Manager – Calendar, Bookings, Tickets, and more!CWE-352 4.3 Medium2025-12-12
CVE-2025-6976 Events Manager <= 7.0.3 - Authenticated(Contributor+) Stored Cross-Site Scripting via Plugin Shortcodes — Events Manager – Calendar, Bookings, Tickets, and more!CWE-79 6.4 Medium2025-07-09
CVE-2025-6975 Event Manager <= 7.0.3 - Reflected Cross-Site Scripting via `calendar_header` Parameter — Events Manager – Calendar, Bookings, Tickets, and more!CWE-79 6.1 Medium2025-07-09
CVE-2025-6970 Events Manager <= 7.0.3 - Unauthenticated SQL Injection via `orderby` Parameter — Events Manager – Calendar, Bookings, Tickets, and more!CWE-89 7.5 High2025-07-09
CVE-2024-11260 Events Manager – Calendar, Bookings, Tickets, and more! <= 6.6.3 - Unauthenticated SQL Injection via Event Status Parameter — Events Manager – Calendar, Bookings, Tickets, and more!CWE-89 7.5 High2025-02-21
CVE-2024-5889 Events Manager <= 6.4.8 - Reflected Cross-Site Scripting — Events Manager – Calendar, Bookings, Tickets, and more!CWE-79 6.1 Medium2024-06-29
CVE-2024-3492 Events Manager – Calendar, Bookings, Tickets, and more! <= 6.4.7.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via event, location, and event_category Shortcodes — Events Manager – Calendar, Bookings, Tickets, and more!CWE-79 6.4 Medium2024-06-12
CVE-2024-2110 Events Manager <= 6.4.7.1 - Cross-Site Request Forgery — Events Manager – Calendar, Bookings, Tickets, and more!CWE-352 4.3 Medium2024-03-28
CVE-2024-1770 Meta Tag Manager <= 3.0.2 - Authenticated (Subscriber+) PHP Object Injection — Meta Tag ManagerCWE-502 8.8 High2024-03-28
CVE-2024-2111 Events Manager <= 6.4.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — Events Manager – Calendar, Bookings, Tickets, and more!CWE-79 6.4 Medium2024-03-28
CVE-2024-0614 Events Manager <= 6.4.6.4 - Authenticated(Administator+) Stored Cross-Site Scripting via settings — Events Manager – Calendar, Bookings, Tickets, and more!CWE-79 4.4 Medium2024-03-13
CVE-2018-0576 WordPress Events Manager插件跨站脚本漏洞 — Events Manager 6.1 -2018-05-14

This page lists every published CVE security advisory associated with netweblogic. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.