Lucene search
K

362 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-34520

Malicious code in bioql PyPI...

5.9CVSS6.4AI score0.00341EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2025/08/23 12:0 a.m.8 views

VulnCheck KEV: CVE-2024-0235

The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve email addresses of any users on the blog...

5.3CVSS5.8AI score0.37957EPSS
In wildExploits3References50
RedhatCVE
RedhatCVE
added 2025/08/17 8:29 a.m.12 views

CVE-2025-8091

The EventON Lite plugin for WordPress is vulnerable to Information Exposure in all versions less than, or equal to, 2.4.6 via the addsingleeventon and addeventon shortcodes due to insufficient restrictions on which posts can be included. This makes it possible for unauthenticated attackers to...

4.3CVSS7.3AI score0.00377EPSS
Exploits0References1
NVD
NVD
added 2025/08/15 9:15 a.m.22 views

CVE-2025-8091

The EventON Lite plugin for WordPress is vulnerable to Information Exposure in all versions less than, or equal to, 2.4.6 via the addsingleeventon and addeventon shortcodes due to insufficient restrictions on which posts can be included. This makes it possible for unauthenticated attackers to...

4.3CVSS0.00377EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2025/08/15 8:25 a.m.6 views

CVE-2025-8091 EventON Lite <= 2.4.6 - Authenticated (Contributor+) Information Disclosure

The EventON Lite plugin for WordPress is vulnerable to Information Exposure in all versions less than, or equal to, 2.4.6 via the addsingleeventon and addeventon shortcodes due to insufficient restrictions on which posts can be included. This makes it possible for unauthenticated attackers to...

4.3CVSS7.2AI score0.00377EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/08/15 8:25 a.m.31 views

CVE-2025-8091 EventON Lite <= 2.4.7 - Authenticated (Contributor+) Information Disclosure

The EventON Lite plugin for WordPress is vulnerable to Information Exposure in all versions less than, or equal to, 2.4.6 via the addsingleeventon and addeventon shortcodes due to insufficient restrictions on which posts can be included. This makes it possible for unauthenticated attackers to...

4.3CVSS0.00377EPSS
Exploits0References7
CVE
CVE
added 2025/08/15 8:25 a.m.24 views

CVE-2025-8091

CVE-2025-8091 affects EventON Lite for WordPress (versions &lt;= 2.4.6). Multiple sources confirm an Information Disclosure vulnerability via add_single_eventon/add_eventon shortcodes, enabling access to data from protected or draft posts. advisories converge on upgrading to 2.4.7+ (PTSecurity no...

4.3CVSS7.2AI score0.00377EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/08/15 12:0 a.m.4 views

WordPress plugin EventON Lite 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...

4.3CVSS6.1AI score0.00377EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/08/15 12:0 a.m.13 views

PT-2025-33465 · WordPress · Eventon Lite

Name of the Vulnerable Software and Affected Versions: EventON Lite versions prior to 2.4.7 Description: The EventON Lite plugin for WordPress is vulnerable to Information Exposure in versions prior to 2.4.7 via the add single eventon and add eventon shortcodes. Insufficient restrictions on post...

4.3CVSS6.5AI score0.00377EPSS
Exploits0References11
Patchstack
Patchstack
added 2025/08/14 11:14 p.m.11 views

WordPress EventON Lite plugin <= 2.4.6 - Authenticated (Contributor+) Information Disclosure vulnerability

Authenticated Contributor+ Information Disclosure vulnerability discovered by Takihana Shota in WordPress Plugin EventON versions = 2.4.6...

4.3CVSS6.4AI score0.00377EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/07/06 11:22 a.m.10 views

CVE-2025-47565

Missing Authorization vulnerability in ashanjay EventON eventon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EventON: from n/a through = 4.9.9...

6.3CVSS5.9AI score0.00227EPSS
Exploits0References1
NVD
NVD
added 2025/07/04 12:15 p.m.5 views

CVE-2025-47565

Missing Authorization vulnerability in ashanjay EventON eventon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EventON: from n/a through = 4.9.9...

6.3CVSS0.00227EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/04 11:18 a.m.4 views

CVE-2025-47565 WordPress EventON plugin <= 4.9.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in ashanjay EventON eventon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EventON: from n/a through = 4.9.9...

6.3CVSS5.1AI score0.00227EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/04 11:18 a.m.13 views

CVE-2025-47565 WordPress EventON plugin <= 4.9.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in ashanjay EventON eventon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EventON: from n/a through = 4.9.9...

6.3CVSS0.00227EPSS
Exploits0References1
CVE
CVE
added 2025/07/04 11:18 a.m.20 views

CVE-2025-47565

CVE-2025-47565 is a Missing Authorization (broken access control) vulnerability in the WordPress EventON plugin, affecting versions up to 4.9.9. The issue arises from incorrectly configured access control security levels, enabling an access-control bypass as described in multiple sources. The CVS...

6.3CVSS5.9AI score0.00227EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/07/04 12:0 a.m.3 views

WordPress plugin EventON 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.3CVSS6.5AI score0.00227EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/07/04 12:0 a.m.5 views

PT-2025-27913 · Eventon · Eventon

Name of the Vulnerable Software and Affected Versions: EventON versions prior to 4.9.9 Description: The issue is related to a Missing Authorization vulnerability, allowing exploitation of incorrectly configured access control security levels. Recommendations: For versions prior to 4.9.9, update t...

6.3CVSS6.4AI score0.00227EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/07/03 12:6 p.m.7 views

WordPress EventON plugin <= 4.9.9 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nguyễn Trung Kiên anhchangmutrang in WordPress Plugin EventON versions = 4.9.9...

6.3CVSS6.8AI score0.00227EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 9:33 a.m.10 views

CVE-2024-0236

The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve the settings of arbitrary virtual events, including any meeting password set for example for Zoom...

5.3CVSS7.2AI score0.00453EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:33 a.m.11 views

CVE-2024-0238

The EventON Premium WordPress plugin before 4.5.6, EventON WordPress plugin before 2.2.8 do not have authorisation in an AJAX action, and does not ensure that the post to be updated belong to the plugin, allowing unauthenticated users to update arbitrary post metadata...

6.1CVSS7AI score0.00373EPSS
Exploits1References1
Rows per page
Query Builder