WordPress Simple WP Events plugin <= 1.8.17 - Unauthenticated Arbitrary File Deletion vulnerability

Unauthenticated Arbitrary File Deletion vulnerability discovered by khanhhnahk1 - VNPT Cyber Immunity in WordPress Plugin Simple WP Events versions = 1.8.17...

EUVD-2025-9820

Malicious code in bioql PyPI...

EUVD-2025-10784

Malicious code in bioql PyPI...

EUVD-2025-11696

Malicious code in bioql PyPI...

CVE-2025-32594

Insertion of Sensitive Information Into Sent Data vulnerability in WPMinds Simple WP Events simple-wp-events allows Retrieve Embedded Sensitive Data.This issue affects Simple WP Events: from n/a through = 1.8.17...

CVE-2025-32594

CVE-2025-32594 – Publicly disclosed vulnerability in WordPress plugin Simple WP Events (

CVE-2025-32594 WordPress Simple WP Events plugin <= 1.8.17 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in WPMinds Simple WP Events allows Retrieve Embedded Sensitive Data. This issue affects Simple WP Events: from n/a through 1.8.17...

CVE-2025-32594 WordPress Simple WP Events plugin <= 1.8.17 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in WPMinds Simple WP Events simple-wp-events allows Retrieve Embedded Sensitive Data.This issue affects Simple WP Events: from n/a through = 1.8.17...

WordPress plugin Simple WP Events 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2025-17130 · Wpminds · Wpminds Simple Wp Events

Name of the Vulnerable Software and Affected Versions: WPMinds Simple WP Events versions 1.8.17 and earlier Description: The issue allows the retrieval of embedded sensitive data due to the insertion of sensitive information into sent data. Recommendations: For versions 1.8.17 and earlier, update...

CVE-2025-32509

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in WPMinds Simple WP Events simple-wp-events allows Path Traversal.This issue affects Simple WP Events: from n/a through = 1.8.17...

CVE-2025-32509

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in WPMinds Simple WP Events simple-wp-events allows Path Traversal.This issue affects Simple WP Events: from n/a through = 1.8.17...

CVE-2025-32509 WordPress Simple WP Events plugin <= 1.8.17 - Arbitrary File Deletion vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in WPMinds Simple WP Events allows Path Traversal. This issue affects Simple WP Events: from n/a through 1.8.17...

CVE-2025-32509 WordPress Simple WP Events plugin <= 1.8.17 - Arbitrary File Deletion vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in WPMinds Simple WP Events simple-wp-events allows Path Traversal.This issue affects Simple WP Events: from n/a through = 1.8.17...

CVE-2025-32509

CVE-2025-32509 affects WordPress plugin Simple WP Events (versions ≤ 1.8.17). The issue is an improper limitation of a pathname to a restricted directory, i.e., a path traversal vulnerability. Some connected sources also indicate the underlying impact as arbitrary file deletion. The vulnerability...

PT-2025-16053 · Wpminds · Wpminds Simple Wp Events

Name of the Vulnerable Software and Affected Versions: WPMinds Simple WP Events versions 1.8.17 and earlier Description: The issue is related to an improper limitation of a pathname to a restricted directory, also known as 'Path Traversal'. This allows an attacker to traverse the file system and...

CVE-2025-2004 Simple WP Events <= 1.8.17 - Unauthenticated Arbitrary File Deletion

The Simple WP Events plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the wpedeletefile AJAX action in all versions up to, and including, 1.8.17. This makes it possible for unauthenticated attackers to delete arbitrary files on the server,...

CVE-2025-2004

CVE-2025-2004 affects Simple WP Events for WordPress. Unauthenticated attackers can delete arbitrary files via wpe_delete_file due to insufficient file path validation in all versions up to 1.8.17, with possible remote code execution if critical files (e.g., wp-config.php) are removed. The Wordfe...

CVE-2025-2004 Simple WP Events <= 1.8.17 - Unauthenticated Arbitrary File Deletion

The Simple WP Events plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the wpedeletefile AJAX action in all versions up to, and including, 1.8.17. This makes it possible for unauthenticated attackers to delete arbitrary files on the server,...

WordPress plugin Simple WP Events 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...