97 matches found
CVE-2025-39483
CVE-2025-39483 is an Unauthenticated Shortcode/Code Injection vulnerability in the imithemes Eventer WordPress plugin. Affected: Eventer before 3.9.9.1 (via versions up to 3.9.6 per sources). Impact: shortcodes could be abused to inject code. Remediation: update Eventer to version 3.9.9.1 or late...
PT-2025-33168 · WordPress · Imithemes Eventer
Name of the Vulnerable Software and Affected Versions: imithemes Eventer versions n/a through 3.9.6 Description: An improper control of generation of code 'Code Injection' issue exists in imithemes Eventer, allowing code injection. Recommendations: Update imithemes Eventer to a version later than...
WordPress plugin Eventer 代码注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code injection...
WordPress Eventer plugin < 3.9.9.1 - Content Injection vulnerability
Content Injection vulnerability discovered by Bonds in WordPress Plugin Eventer versions 3.9.9.1...
CVE-2025-39482
Missing Authorization vulnerability in imithemes Eventer eventer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eventer: from n/a through 3.11.4...
CVE-2025-39481
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in imithemes Eventer eventer allows Blind SQL Injection.This issue affects Eventer: from n/a through 3.11.4...
CVE-2025-39481
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in imithemes Eventer allows Blind SQL Injection.This issue affects Eventer: from n/a before 3.11.4...
CVE-2025-39481
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in imithemes Eventer allows Blind SQL Injection.This issue affects Eventer: from n/a before 3.11.4...
CVE-2025-39482
Missing Authorization vulnerability in imithemes Eventer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eventer: from n/a before 3.11.4...
CVE-2025-39481
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in imithemes Eventer eventer allows Blind SQL Injection.This issue affects Eventer: from n/a through 3.11.4...
CVE-2025-39482
Missing Authorization vulnerability in imithemes Eventer eventer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eventer: from n/a through 3.11.4...
CVE-2025-39482
Missing Authorization vulnerability in imithemes Eventer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eventer: from n/a before 3.11.4...
CVE-2025-39481 WordPress Eventer plugin < 3.11.4 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in imithemes Eventer eventer allows Blind SQL Injection.This issue affects Eventer: from n/a through 3.11.4...
CVE-2025-39481 WordPress Eventer plugin < 3.11.4 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in imithemes Eventer eventer allows Blind SQL Injection.This issue affects Eventer: from n/a through 3.11.4...
CVE-2025-39481
CVE-2025-39481 describes a SQL Injection in the WordPress plugin Eventer (imithemes Eventer) via improper neutralization of special elements in SQL commands, enabling Blind SQL Injection. Affected: Eventer versions up to before 3.11.4 (i.e., 3.11.3 and earlier). Impact as per sources is high conf...
CVE-2025-39482 WordPress Eventer - WordPress Event & Booking Manager Plugin plugin < 3.11.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in imithemes Eventer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eventer: from n/a before 3.11.4...
CVE-2025-39482
CVE-2025-39482 affects the WordPress plugin Eventer (IMITHEMEs) for WordPress. The issue is a Missing Authorization/broken access-control vulnerability, allowing unauthorized actions due to incorrectly configured access levels. Public details indicate affected versions include Eventer prior to 3....
CVE-2025-39482 WordPress Eventer plugin < 3.11.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in imithemes Eventer eventer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eventer: from n/a through 3.11.4...
WordPress Eventer plugin < 3.11.4 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Anhchangmutrang in WordPress Plugin Eventer versions 3.11.4...
PT-2025-21696
Name of the Vulnerable Software and Affected Versions: imithemes Eventer versions 3.9.6 and earlier Description: The issue is related to an SQL Injection vulnerability, specifically Improper Neutralization of Special Elements used in an SQL Command, which allows Blind SQL Injection...