Lucene search
K

203 matches found

Patchstack
Patchstack
added 2026/01/09 8:56 a.m.9 views

WordPress Eventin plugin <= 4.0.51 - Missing Authorization to Unauthenticated Stored Cross-Site Scripting via 'post_settings' vulnerability

Missing Authorization to Unauthenticated Stored Cross-Site Scripting via 'postsettings' vulnerability discovered by Sarawut Poolkhet MisterHelloz in WordPress Plugin Eventin versions = 4.0.51...

7.2CVSS5.3AI score0.00307EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/01/09 8:15 a.m.6 views

CVE-2025-14657

The Eventin – Event Manager, Events Calendar, Event Tickets and Registrations plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'postsettings' function in all versions up to, and including, 4.0.51. This makes it possible for...

7.2CVSS0.00307EPSS
Exploits0References4
CVE
CVE
added 2026/01/09 7:22 a.m.36 views

CVE-2025-14657

CVE-2025-14657 affects the Eventin – Event Manager, Event Booking, Calendar, Tickets and Registration Plugin for WordPress (AI Powered). The WordFence report confirms an unauthenticated bypass: missing authorization to modify settings via post_settings, allowing data modification. The issue also ...

7.2CVSS5.3AI score0.00307EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/01/09 7:22 a.m.2 views

CVE-2025-14657 Eventin – Event Manager, Event Booking, Calendar, Tickets and Registration Plugin (AI Powered) <= 4.0.51 - Missing Authorization to Unauthenticated Stored Cross-Site Scripting via 'post_settings'

The Eventin – Event Manager, Events Calendar, Event Tickets and Registrations plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'postsettings' function in all versions up to, and including, 4.0.51. This makes it possible for...

7.2CVSS5.3AI score0.00307EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/01/09 12:0 a.m.4 views

WordPress plugin Eventin 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

7.2CVSS6.4AI score0.00307EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/01/09 12:0 a.m.8 views

PT-2026-1749

Name of the Vulnerable Software and Affected Versions Eventin – Event Manager, Events Calendar, Event Tickets and Registrations plugin for WordPress versions up to and including 4.0.51 Description The Eventin plugin for WordPress is susceptible to unauthorized data modification because of a missi...

7.2CVSS5.9AI score0.00307EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/01/07 9:18 a.m.9 views

CVE-2025-1766

The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'paymentcomplete' function in all versions up to, and including, 4.0.24. This makes it possible for unauthenticated...

5.3CVSS7.2AI score0.00343EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/12/31 12:0 a.m.6 views

WordPress Eventin plugin <= 4.0.37 - Unauthenticated Server-Side Request Forgery vulnerability

Unauthenticated Server-Side Request Forgery vulnerability discovered by Gai Tanaka 63n0 in WordPress Plugin Eventin versions = 4.0.37...

7.2CVSS5.5AI score0.00274EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/12/31 12:0 a.m.11 views

WordPress Eventin plugin <= 4.0.26 - Unauthenticated Arbitrary File Read vulnerability

Unauthenticated Arbitrary File Read vulnerability discovered by mikemyers in WordPress Plugin Eventin versions = 4.0.26...

7.5CVSS5.5AI score0.00609EPSS
Exploits1References1Affected Software1
GithubExploit
GithubExploit
added 2025/10/31 10:39 a.m.247 views

Exploit for Authorization Bypass Through User-Controlled Key in Themewinter Eventin

CVE-2025-4796 eventin and update the speaker email to an emai...

8.8CVSS7.1AI score0.00564EPSS
Exploits3
GithubExploit
GithubExploit
added 2025/10/25 3:35 a.m.196 views

Exploit for Authorization Bypass Through User-Controlled Key in Themewinter Eventin

CVE-2025-4796 Eventin = 4.0.34 - Authenticated Contributo...

8.8CVSS7.4AI score0.00564EPSS
Exploits3
EUVD
EUVD
added 2025/10/03 8:7 p.m.13 views

EUVD-2024-53011

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00555EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-14869

Malicious code in bioql PyPI...

9.8CVSS7.5AI score0.0465EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-24777

Malicious code in bioql PyPI...

8.8CVSS6.5AI score0.00349EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-16896

Malicious code in bioql PyPI...

5.3CVSS6.5AI score0.00471EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-25631

Malicious code in bioql PyPI...

7.2CVSS6.5AI score0.00274EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-5440

Malicious code in bioql PyPI...

8.8CVSS9.2AI score0.007EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-36718

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00277EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-53679

Malicious code in bioql PyPI...

8.8CVSS9.1AI score0.00575EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-19286

Malicious code in bioql PyPI...

7.1CVSS6.5AI score0.00223EPSS
Exploits0References1
Rows per page
Query Builder