Lucene search
K

437 matches found

Positive Technologies
Positive Technologies
added 2026/03/19 12:0 a.m.4 views

PT-2026-26261

CVE-2026-25312 Missing Authorization vulnerability in EventPrime allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EventPrime: from n/a thro… https://t.co/3ryCxu9GIp...

7.5CVSS5.8AI score0.00206EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/19 12:0 a.m.8 views

WordPress plugin EventPrime 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

7.5CVSS5.8AI score0.00206EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/03/18 11:3 a.m.5 views

WordPress EventPrime plugin <= 4.2.8.3 - Payment Bypass vulnerability

Payment Bypass vulnerability discovered by Zeeshan Haider in WordPress Plugin EventPrime versions = 4.2.8.3...

7.5CVSS5.8AI score0.00206EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/03/17 10:33 a.m.5 views

WordPress EventPrime plugin <= 4.2.8.0 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Phat RiO in WordPress Plugin EventPrime versions = 4.2.8.0...

9.8CVSS5.8AI score0.0051EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/03/10 11:38 a.m.6 views

WordPress EventPrime plugin <= 4.2.6.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin EventPrime versions = 4.2.6.0...

7.5CVSS5.8AI score0.00314EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/20 2:36 p.m.6 views

WordPress EventPrime plugin <= 4.2.8.3 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Bao - BlueRock in WordPress Plugin EventPrime versions = 4.2.8.3...

5.3CVSS5.4AI score0.0024EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/20 1:27 p.m.4 views

CVE-2026-25389

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Metagauss EventPrime eventprime-event-calendar-management allows Retrieve Embedded Sensitive Data.This issue affects EventPrime: from n/a through = 4.2.8.3...

5.3CVSS5.5AI score0.0024EPSS
Exploits0References1
NVD
NVD
added 2026/02/19 9:16 a.m.4 views

CVE-2026-25389

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Metagauss EventPrime eventprime-event-calendar-management allows Retrieve Embedded Sensitive Data.This issue affects EventPrime: from n/a through = 4.2.8.3...

5.3CVSS0.0024EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/19 8:27 a.m.27 views

CVE-2026-25389 WordPress EventPrime plugin <= 4.2.8.3 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Metagauss EventPrime eventprime-event-calendar-management allows Retrieve Embedded Sensitive Data.This issue affects EventPrime: from n/a through = 4.2.8.3...

5.3CVSS0.0024EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/19 8:27 a.m.4 views

CVE-2026-25389

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Metagauss EventPrime eventprime-event-calendar-management allows Retrieve Embedded Sensitive Data.This issue affects EventPrime: from n/a through = 4.2.8.3...

5.5AI score0.0024EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/19 8:27 a.m.3 views

CVE-2026-25389 WordPress EventPrime plugin <= 4.2.8.3 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Metagauss EventPrime eventprime-event-calendar-management allows Retrieve Embedded Sensitive Data.This issue affects EventPrime: from n/a through = 4.2.8.3...

5.3CVSS5.9AI score0.0024EPSS
Exploits0References1
CVE
CVE
added 2026/02/19 8:27 a.m.10 views

CVE-2026-25389

CVE-2026-25389 affects WordPress EventPrime (EventPrime: Metagauss) and is a Sensitive Data Exposure vulnerability. The issue allows retrieval of embedded sensitive data by an unauthenticated actor and affects EventPrime versions from n/a up to and including 4.2.8.3; the entry indicates it is pat...

5.3CVSS5.5AI score0.0024EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/19 7:28 a.m.5 views

CVE-2026-1655

The EventPrime plugin for WordPress is vulnerable to unauthorized post modification due to missing authorization checks in all versions up to, and including, 4.2.8.4. This is due to the savefrontendeventsubmission function accepting a user-controlled eventid parameter and updating the correspondi...

4.3CVSS5.5AI score0.00281EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.8 views

PT-2026-20723

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Metagauss EventPrime eventprime-event-calendar-management allows Retrieve Embedded Sensitive Data.This issue affects EventPrime: from n/a through = 4.2.8.3...

5.5AI score0.0024EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/19 12:0 a.m.7 views

WordPress plugin EventPrime 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

5.3CVSS5.8AI score0.0024EPSS
Exploits0References1
NVD
NVD
added 2026/02/18 8:16 a.m.8 views

CVE-2026-1655

The EventPrime plugin for WordPress is vulnerable to unauthorized post modification due to missing authorization checks in all versions up to, and including, 4.2.8.4. This is due to the savefrontendeventsubmission function accepting a user-controlled eventid parameter and updating the correspondi...

4.3CVSS0.00281EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/02/18 7:25 a.m.3 views

CVE-2026-1655

The EventPrime plugin for WordPress is vulnerable to unauthorized post modification due to missing authorization checks in all versions up to, and including, 4.2.8.4. This is due to the savefrontendeventsubmission function accepting a user-controlled eventid parameter and updating the correspondi...

4.3CVSS5.5AI score0.00281EPSS
Exploits0References7
CVE
CVE
added 2026/02/18 7:25 a.m.16 views

CVE-2026-1655

CVE-2026-1655 — EventPrime for WordPress : Unauthorized post modification due to missing authorization checks in save_frontend_event_submission, which uses a user-controlled event_id to update posts. Affected versions are up to 4.2.8.4; patch exists in 4.2.8.4+. The issue allows authenticated (Cu...

4.3CVSS5.5AI score0.00281EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/02/18 7:25 a.m.29 views

CVE-2026-1655 EventPrime <= 4.2.8.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Event Modification via 'event_id' Parameter

The EventPrime plugin for WordPress is vulnerable to unauthorized post modification due to missing authorization checks in all versions up to, and including, 4.2.8.4. This is due to the savefrontendeventsubmission function accepting a user-controlled eventid parameter and updating the correspondi...

4.3CVSS0.00281EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/02/18 7:25 a.m.6 views

CVE-2026-1655 EventPrime <= 4.2.8.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Event Modification via 'event_id' Parameter

The EventPrime plugin for WordPress is vulnerable to unauthorized post modification due to missing authorization checks in all versions up to, and including, 4.2.8.4. This is due to the savefrontendeventsubmission function accepting a user-controlled eventid parameter and updating the correspondi...

4.3CVSS5.5AI score0.00281EPSS
Exploits0References6
Rows per page
Query Builder