203 matches found
WordPress Eventin plugin <= 4.0.51 - Missing Authorization to Unauthenticated Stored Cross-Site Scripting via 'post_settings' vulnerability
Missing Authorization to Unauthenticated Stored Cross-Site Scripting via 'postsettings' vulnerability discovered by Sarawut Poolkhet MisterHelloz in WordPress Plugin Eventin versions = 4.0.51...
CVE-2025-14657
The Eventin – Event Manager, Events Calendar, Event Tickets and Registrations plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'postsettings' function in all versions up to, and including, 4.0.51. This makes it possible for...
CVE-2025-14657
CVE-2025-14657 affects the Eventin – Event Manager, Event Booking, Calendar, Tickets and Registration Plugin for WordPress (AI Powered). The WordFence report confirms an unauthenticated bypass: missing authorization to modify settings via post_settings, allowing data modification. The issue also ...
CVE-2025-14657 Eventin – Event Manager, Event Booking, Calendar, Tickets and Registration Plugin (AI Powered) <= 4.0.51 - Missing Authorization to Unauthenticated Stored Cross-Site Scripting via 'post_settings'
The Eventin – Event Manager, Events Calendar, Event Tickets and Registrations plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'postsettings' function in all versions up to, and including, 4.0.51. This makes it possible for...
WordPress plugin Eventin 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
PT-2026-1749
Name of the Vulnerable Software and Affected Versions Eventin – Event Manager, Events Calendar, Event Tickets and Registrations plugin for WordPress versions up to and including 4.0.51 Description The Eventin plugin for WordPress is susceptible to unauthorized data modification because of a missi...
CVE-2025-1766
The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'paymentcomplete' function in all versions up to, and including, 4.0.24. This makes it possible for unauthenticated...
WordPress Eventin plugin <= 4.0.37 - Unauthenticated Server-Side Request Forgery vulnerability
Unauthenticated Server-Side Request Forgery vulnerability discovered by Gai Tanaka 63n0 in WordPress Plugin Eventin versions = 4.0.37...
WordPress Eventin plugin <= 4.0.26 - Unauthenticated Arbitrary File Read vulnerability
Unauthenticated Arbitrary File Read vulnerability discovered by mikemyers in WordPress Plugin Eventin versions = 4.0.26...
Exploit for Authorization Bypass Through User-Controlled Key in Themewinter Eventin
CVE-2025-4796 eventin and update the speaker email to an emai...
Exploit for Authorization Bypass Through User-Controlled Key in Themewinter Eventin
CVE-2025-4796 Eventin = 4.0.34 - Authenticated Contributo...
EUVD-2024-53011
Malicious code in bioql PyPI...
EUVD-2025-14869
Malicious code in bioql PyPI...
EUVD-2025-24777
Malicious code in bioql PyPI...
EUVD-2024-16896
Malicious code in bioql PyPI...
EUVD-2025-25631
Malicious code in bioql PyPI...
EUVD-2025-5440
Malicious code in bioql PyPI...
EUVD-2024-36718
Malicious code in bioql PyPI...
EUVD-2023-53679
Malicious code in bioql PyPI...
EUVD-2025-19286
Malicious code in bioql PyPI...