Lucene search
+L

453 matches found

NVD
NVD
added 2025/04/04 4:15 p.m.15 views

CVE-2025-32225

Missing Authorization vulnerability in WP Event Manager WP Event Manager wp-event-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Event Manager: from n/a through = 3.2.0...

5.3CVSS0.00458EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/04 3:59 p.m.6 views

CVE-2025-32225 WordPress WP Event Manager plugin <= 3.1.47 - Broken Access Control vulnerability

Missing Authorization vulnerability in WP Event Manager WP Event Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Event Manager: from n/a through 3.1.47...

5.3CVSS7.1AI score0.00458EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/04 3:59 p.m.25 views

CVE-2025-32225 WordPress WP Event Manager plugin <= 3.2.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in WP Event Manager WP Event Manager wp-event-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Event Manager: from n/a through = 3.2.0...

5.3CVSS0.00458EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/04/04 1:34 p.m.7 views

WordPress WP Event Manager plugin <= 3.2.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin WP Event Manager versions = 3.2.0...

5.3CVSS8.4AI score0.00458EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2025/04/04 12:0 a.m.7 views

PT-2025-14990 · WordPress · Wp Event Manager

Name of the Vulnerable Software and Affected Versions: WP Event Manager versions through 3.1.47 Description: The issue is related to Missing Authorization, allowing exploitation of incorrectly configured access control security levels. Recommendations: For versions through 3.1.47, update to a...

5.3CVSS6AI score0.00458EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/04/04 12:0 a.m.9 views

WordPress plugin WP Event Manager 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.3CVSS6.3AI score0.00458EPSS
Exploits0References2
NVD
NVD
added 2025/04/03 2:15 p.m.5 views

CVE-2025-31739

Missing Authorization vulnerability in Manuel Schmalstieg Minimalistic Event Manager minimalistic-event-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Minimalistic Event Manager: from n/a through = 1.1.1...

6.4CVSS0.0032EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/03 1:27 p.m.18 views

CVE-2025-31739 WordPress Minimalistic Event Manager plugin <= 1.1.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Manuel Schmalstieg Minimalistic Event Manager minimalistic-event-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Minimalistic Event Manager: from n/a through = 1.1.1...

6.4CVSS0.0032EPSS
Exploits0References1
CVE
CVE
added 2025/04/03 1:27 p.m.43 views

CVE-2025-31739

Technical details for CVE-2025-31739 are not provided in the supplied documents. No product/version/impact/remediation details are available here. Monitor for updates from official advisories on Minimalistic Event Manager.

6.4CVSS7.2AI score0.0032EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/03 12:0 a.m.5 views

WordPress plugin Minimalistic Event Manager 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

6.4CVSS7.1AI score0.0032EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/03 12:0 a.m.7 views

PT-2025-14731 · Unknown · Minimalistic Event Manager

Name of the Vulnerable Software and Affected Versions: Minimalistic Event Manager versions 1.1.1 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For versions 1.1...

6.4CVSS6.8AI score0.0032EPSS
Exploits0References3
NVD
NVD
added 2025/03/20 6:15 a.m.24 views

CVE-2025-1766

The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'paymentcomplete' function in all versions up to, and including, 4.0.24. This makes it possible for unauthenticated...

5.3CVSS0.00343EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/03/20 5:22 a.m.6 views

CVE-2025-1766 Event Manager, Events Calendar, Tickets, Registrations – Eventin <= 4.0.24 - Missing Authorization to Unauthenticated Payment Status Update

The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'paymentcomplete' function in all versions up to, and including, 4.0.24. This makes it possible for unauthenticated...

5.3CVSS5.2AI score0.00343EPSS
Exploits0References3
CVE
CVE
added 2025/03/20 5:22 a.m.75 views

CVE-2025-1766

CVE-2025-1766 affects the WordPress plugin Eventin (Event Manager/Events Calendar/Tickets/Registrations) up to version 4.0.24. Root cause: missing capability check in the payment_complete function allows unauthenticated modification of data, enabling an attacker to set ticket payments to 'complet...

5.3CVSS5.3AI score0.00343EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2025/03/20 5:22 a.m.19 views

CVE-2025-1766 Event Manager, Events Calendar, Tickets, Registrations – Eventin <= 4.0.24 - Missing Authorization to Unauthenticated Payment Status Update

The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'paymentcomplete' function in all versions up to, and including, 4.0.24. This makes it possible for unauthenticated...

5.3CVSS0.00343EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/03/20 5:22 a.m.8 views

CVE-2025-1770 Event Manager, Events Calendar, Tickets, Registrations – Eventin <= 4.0.24 - Authenticated (Contributor+) Local File Inclusion

The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.0.24 via the 'style' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to...

8.8CVSS8.9AI score0.00781EPSS
Exploits0References4
CVE
CVE
added 2025/03/20 5:22 a.m.72 views

CVE-2025-1770

CVE-2025-1770 : Local File Inclusion in WordPress plugin “Eventin” (Event Manager, Events Calendar, Tickets, Registrations) up to version 4.0.24 via the style parameter. Exploitation requires authenticated access at Contributor level or higher and can lead to arbitrary file inclusion and executio...

8.8CVSS8.9AI score0.00781EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2025/03/20 5:22 a.m.26 views

CVE-2025-1770 Event Manager, Events Calendar, Tickets, Registrations – Eventin <= 4.0.24 - Authenticated (Contributor+) Local File Inclusion

The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.0.24 via the 'style' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to...

8.8CVSS0.00781EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/02/05 11:55 a.m.10 views

CVE-2024-7149

The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.0.8 via multiple style parameters. This makes it possible for authenticated attackers, with Contributor-level access and above, t...

8.8CVSS7.6AI score0.01025EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 2:17 a.m.11 views

CVE-2024-24796

Deserialization of Untrusted Data vulnerability in MagePeople Team Event Manager and Tickets Selling Plugin for WooCommerce – WpEvently – WordPress Plugin.This issue affects Event Manager and Tickets Selling Plugin for WooCommerce – WpEvently – WordPress Plugin: from n/a through 4.1.1...

8.8CVSS8.3AI score0.00499EPSS
Exploits0References1
Rows per page
Query Builder