CVE-2025-68007

Missing Authorization vulnerability in Event Espresso Event Espresso 4 Decaf event-espresso-decaf allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Event Espresso 4 Decaf: from n/a through = 5.0.37.decaf...

CVE-2025-68007

Missing Authorization vulnerability in Event Espresso Event Espresso 4 Decaf event-espresso-decaf allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Event Espresso 4 Decaf: from n/a through = 5.0.37.decaf...

CVE-2025-68007 WordPress Event Espresso 4 Decaf plugin <= 5.0.37.decaf - Settings Change vulnerability

Missing Authorization vulnerability in Event Espresso Event Espresso 4 Decaf event-espresso-decaf allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Event Espresso 4 Decaf: from n/a through = 5.0.37.decaf...

CVE-2025-68007

Missing Authorization vulnerability in Event Espresso Event Espresso 4 Decaf event-espresso-decaf allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Event Espresso 4 Decaf: from n/a through = 5.0.37.decaf...

CVE-2025-68007 WordPress Event Espresso 4 Decaf plugin <= 5.0.37.decaf - Settings Change vulnerability

Missing Authorization vulnerability in Event Espresso Event Espresso 4 Decaf event-espresso-decaf allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Event Espresso 4 Decaf: from n/a through = 5.0.37.decaf...

CVE-2025-68007

CVE-2025-68007 corresponds to a Missing Authorization/Settings Change vulnerability in WordPress Event Espresso 4 Decaf (affected

WordPress plugin Event Espresso 4 Decaf has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

PT-2026-4051

Name of the Vulnerable Software and Affected Versions Event Espresso versions through 5.0.37.decaf Description An authorization issue exists in Event Espresso 4 Decaf, allowing exploitation of incorrectly configured access control security levels. Recommendations Update Event Espresso 4 Decaf to ...

WordPress Event Espresso 4 Decaf plugin <= 5.0.37.decaf - Settings Change vulnerability

Settings Change vulnerability discovered by Legion Hunter in WordPress Plugin Event Espresso 4 Decaf versions = 5.0.37.decaf...

EUVD-2023-31213

Malicious code in bioql PyPI...

CVE-2021-4404

The Event Espresso 4 Decaf plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.10.11. This is due to missing or incorrect nonce validation on the ajaxHandler function. This makes it possible for unauthenticated attackers to op into notifications vi...

CVE-2024-56251 WordPress Event Espresso plugin <= 5.0.28.decaf - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Event Espresso Event Espresso 4 Decaf allows Cross Site Request Forgery.This issue affects Event Espresso 4 Decaf: from n/a through 5.0.28.decaf...

CVE-2024-56251

CVE-2024-56251 describes a Cross-Site Request Forgery (CSRF) vulnerability in Event Espresso – Event Registration & Ticketing Sales (Decaf). Affected plugin: Event Espresso – Event Registration & Ticketing Sales; vulnerable range: Event Espresso 4 Decaf from n/a through 5.0.28.decaf. The connecte...

WordPress plugin Event Espresso 4 Decaf 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. WordPress plugin Event Espresso 4 Decaf Version...

WordPress Event Espresso plugin <= 5.0.28.decaf - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Event Espresso 4 Decaf versions = 5.0.28.decaf...

CVE-2024-6883

The Event Espresso 4 Decaf – Event Registration Event Ticketing plugin for WordPress is vulnerable to limited unauthorized plugin settings modification due to a missing capability check on the saveTimezoneString and some other functions in all versions up to, and including, 5.0.22.decaf. This mak...

CVE-2024-6883

The Event Espresso 4 Decaf – Event Registration Event Ticketing plugin for WordPress is vulnerable to limited unauthorized plugin settings modification due to a missing capability check on the saveTimezoneString and some other functions in all versions up to and including 4.10.46.decaf. This make...

CVE-2024-6883 Event Espresso 4 Decaf – Event Registration Event Ticketing <= 4.10.46.decaf- Authenticated (Subscriber+) Missing Authorization to Limited Plugin Settings Modification

The Event Espresso 4 Decaf – Event Registration Event Ticketing plugin for WordPress is vulnerable to limited unauthorized plugin settings modification due to a missing capability check on the saveTimezoneString and some other functions in all versions up to and including 4.10.46.decaf. This make...

CVE-2024-6883 Event Espresso 4 Decaf – Event Registration Event Ticketing <= 4.10.46.decaf- Authenticated (Subscriber+) Missing Authorization to Limited Plugin Settings Modification

The Event Espresso 4 Decaf – Event Registration Event Ticketing plugin for WordPress is vulnerable to limited unauthorized plugin settings modification due to a missing capability check on the saveTimezoneString and some other functions in all versions up to and including 4.10.46.decaf. This make...

WordPress Event Espresso 4 Decaf plugin < 5.0.22.decaf - Authenticated (Subscriber+) Missing Authorization to Limited Plugin Settings Modification vulnerability

Authenticated Subscriber+ Missing Authorization to Limited Plugin Settings Modification vulnerability discovered by Lucio Sá in WordPress Plugin Event Espresso 4 Decaf versions 5.0.22.decaf...