CVE-2026-1649 | Community Events Plugin up to 1.5.7 on WordPress ce_venue_name cross site scripting

07:08 - 18 Feb 2026

A vulnerability, which was classified as problematic, has been found in Community Events Plugin up to 1.5.7 on WordPress. Affected by this vulnerability is an unknown functionality. The manipulation of the argument ce_venue_name leads to cross site scripting. This vulnerability is referenced as CVE-2026-1649. Remote exploitation of the attack is possible. No exploit is available.