WordPress EventON (Pro) - WordPress Virtual Event Calendar Plugin plugin <= 5.0.11 - WordPress Virtual Event Calendar Plugin <= 5.0.11 - Unauthenticated Blind SQL Injection vulnerability

WordPress EventON Pro - WordPress Virtual Event Calendar Plugin plugin = 5.0.11 - WordPress Virtual Event Calendar Plugin = 5.0.11 - Unauthenticated Blind SQL Injection vulnerability discovered by Nguyen Ngoc Duc duc193 in WordPress Plugin EventON versions = 5.0.11...

WordPress EventON Pro Plugin < 4.4.1 is vulnerable to Cross Site Scripting (XSS)

Software EventON Pro Type Plugin Vulnerable versions 4.4.1 Fixed in 4.4.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-7200 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f88412538f0b Credits kauenavarro Required...

WordPress Plugin EventON Pro Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. Cross-site request forgery...

WordPress EventON Pro Plugin <= 4.5.4 is vulnerable to Broken Access Control

Software EventON Pro Type Plugin Vulnerable versions = 4.5.4 Fixed in 4.5.5 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-6158 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID b43943b2a15f Credits Francesco Carlucci Required...

WordPress EventON Pro Plugin <= 4.5.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software EventON Pro Type Plugin Vulnerable versions = 4.5.4 Fixed in 4.5.5 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-6244 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 5cacf0b27060 Credits Francesco Carlucci...