Lucene search
K

97 matches found

CVE
CVE
added 2025/08/14 10:34 a.m.16 views

CVE-2025-39483

CVE-2025-39483 is an Unauthenticated Shortcode/Code Injection vulnerability in the imithemes Eventer WordPress plugin. Affected: Eventer before 3.9.9.1 (via versions up to 3.9.6 per sources). Impact: shortcodes could be abused to inject code. Remediation: update Eventer to version 3.9.9.1 or late...

6.5CVSS5.9AI score0.00249EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/14 12:0 a.m.4 views

PT-2025-33168 · WordPress · Imithemes Eventer

Name of the Vulnerable Software and Affected Versions: imithemes Eventer versions n/a through 3.9.6 Description: An improper control of generation of code 'Code Injection' issue exists in imithemes Eventer, allowing code injection. Recommendations: Update imithemes Eventer to a version later than...

6.5CVSS7.4AI score0.00249EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/08/14 12:0 a.m.3 views

WordPress plugin Eventer 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code injection...

6.5CVSS5AI score0.00249EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/08/04 12:43 p.m.6 views

WordPress Eventer plugin < 3.9.9.1 - Content Injection vulnerability

Content Injection vulnerability discovered by Bonds in WordPress Plugin Eventer versions 3.9.9.1...

6.5CVSS5AI score0.00249EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/18 4:3 p.m.21 views

CVE-2025-39482

Missing Authorization vulnerability in imithemes Eventer eventer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eventer: from n/a through 3.11.4...

8.8CVSS7.2AI score0.00434EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/18 4:2 p.m.18 views

CVE-2025-39481

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in imithemes Eventer eventer allows Blind SQL Injection.This issue affects Eventer: from n/a through 3.11.4...

9.8CVSS7.3AI score0.00443EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/05/16 4:15 p.m.2 views

CVE-2025-39481

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in imithemes Eventer allows Blind SQL Injection.This issue affects Eventer: from n/a before 3.11.4...

9.8CVSS8.6AI score0.00443EPSS
Exploits0References2
OSV
OSV
added 2025/05/16 4:15 p.m.3 views

CVE-2025-39481

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in imithemes Eventer allows Blind SQL Injection.This issue affects Eventer: from n/a before 3.11.4...

9.8CVSS5.8AI score0.00443EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/05/16 4:15 p.m.3 views

CVE-2025-39482

Missing Authorization vulnerability in imithemes Eventer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eventer: from n/a before 3.11.4...

8.8CVSS8.3AI score0.00434EPSS
Exploits0References2
NVD
NVD
added 2025/05/16 4:15 p.m.13 views

CVE-2025-39481

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in imithemes Eventer eventer allows Blind SQL Injection.This issue affects Eventer: from n/a through 3.11.4...

9.8CVSS0.00443EPSS
Exploits0References1
NVD
NVD
added 2025/05/16 4:15 p.m.15 views

CVE-2025-39482

Missing Authorization vulnerability in imithemes Eventer eventer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eventer: from n/a through 3.11.4...

8.8CVSS0.00434EPSS
Exploits0References1
OSV
OSV
added 2025/05/16 4:15 p.m.3 views

CVE-2025-39482

Missing Authorization vulnerability in imithemes Eventer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eventer: from n/a before 3.11.4...

8.8CVSS5.8AI score0.00434EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/16 3:45 p.m.11 views

CVE-2025-39481 WordPress Eventer plugin < 3.11.4 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in imithemes Eventer eventer allows Blind SQL Injection.This issue affects Eventer: from n/a through 3.11.4...

9.3CVSS8.9AI score0.00443EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/16 3:45 p.m.42 views

CVE-2025-39481 WordPress Eventer plugin < 3.11.4 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in imithemes Eventer eventer allows Blind SQL Injection.This issue affects Eventer: from n/a through 3.11.4...

9.3CVSS0.00443EPSS
Exploits0References1
CVE
CVE
added 2025/05/16 3:45 p.m.32 views

CVE-2025-39481

CVE-2025-39481 describes a SQL Injection in the WordPress plugin Eventer (imithemes Eventer) via improper neutralization of special elements in SQL commands, enabling Blind SQL Injection. Affected: Eventer versions up to before 3.11.4 (i.e., 3.11.3 and earlier). Impact as per sources is high conf...

9.8CVSS7.3AI score0.00443EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/05/16 3:45 p.m.6 views

CVE-2025-39482 WordPress Eventer - WordPress Event & Booking Manager Plugin plugin < 3.11.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in imithemes Eventer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eventer: from n/a before 3.11.4...

4.3CVSS8.3AI score0.00434EPSS
Exploits0References1
CVE
CVE
added 2025/05/16 3:45 p.m.31 views

CVE-2025-39482

CVE-2025-39482 affects the WordPress plugin Eventer (IMITHEMEs) for WordPress. The issue is a Missing Authorization/broken access-control vulnerability, allowing unauthorized actions due to incorrectly configured access levels. Public details indicate affected versions include Eventer prior to 3....

8.8CVSS7.2AI score0.00434EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/05/16 3:45 p.m.36 views

CVE-2025-39482 WordPress Eventer plugin < 3.11.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in imithemes Eventer eventer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eventer: from n/a through 3.11.4...

4.3CVSS0.00434EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/05/16 12:54 p.m.8 views

WordPress Eventer plugin < 3.11.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Anhchangmutrang in WordPress Plugin Eventer versions 3.11.4...

8.8CVSS8.3AI score0.00434EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2025/05/16 12:0 a.m.6 views

PT-2025-21696

Name of the Vulnerable Software and Affected Versions: imithemes Eventer versions 3.9.6 and earlier Description: The issue is related to an SQL Injection vulnerability, specifically Improper Neutralization of Special Elements used in an SQL Command, which allows Blind SQL Injection...

9.8CVSS8.7AI score0.00443EPSS
Exploits0References5
Rows per page
Query Builder