90 matches found
Exploit for CVE-2026-40776
CVE-2026-40776 Eventin wp-event-solution Broken Access C...
Exploit for CVE-2026-40776
CVE-2026-40776 — Eventin wp-event-solution Broken Access Con...
WordPress Eventin plugin <= 4.1.8 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Lorenzo Fradeani in WordPress Plugin WP Event SOlution versions = 4.1.8...
CVE-2026-4109
The Eventin – Events Calendar, Event Booking, Ticket & Registration AI Powered plugin for WordPress is vulnerable to unauthorized access of data due to a improper capability check on the getitempermissionscheck function in all versions up to, and including, 4.1.8. This makes it possible for...
CVE-2026-4109 Eventin – Events Calendar, Event Booking, Ticket & Registration (AI Powered) <= 4.1.8 Missing Authorization to Authenticated (Subscriber+) Order Information Exposure
The Eventin – Events Calendar, Event Booking, Ticket & Registration AI Powered plugin for WordPress is vulnerable to unauthorized access of data due to a improper capability check on the getitempermissionscheck function in all versions up to, and including, 4.1.8. This makes it possible for...
EUVD-2026-22231
The Eventin – Events Calendar, Event Booking, Ticket & Registration AI Powered plugin for WordPress is vulnerable to unauthorized access of data due to a improper capability check on the getitempermissionscheck function in all versions up to, and including, 4.1.8. This makes it possible for...
CVE-2026-4109 Eventin – Events Calendar, Event Booking, Ticket & Registration (AI Powered) <= 4.1.8 Missing Authorization to Authenticated (Subscriber+) Order Information Exposure
The Eventin – Events Calendar, Event Booking, Ticket & Registration AI Powered plugin for WordPress is vulnerable to unauthorized access of data due to a improper capability check on the getitempermissionscheck function in all versions up to, and including, 4.1.8. This makes it possible for...
CVE-2026-4109
The Eventin – Events Calendar, Event Booking, Ticket & Registration AI Powered plugin for WordPress is vulnerable to unauthorized access of data due to a improper capability check on the getitempermissionscheck function in all versions up to, and including, 4.1.8. This makes it possible for...
CVE-2026-4109
The CVE concerns the WordPress plugin Eventin – Events Calendar, Event Booking, Ticket & Registration (AI Powered) for WordPress. Affected: all versions up to and including 4.1.8. Vulnerability: improper capability check in get_item_permissions_check() allows authenticated attackers with Subscrib...
WordPress Eventin - Events Calendar, Event Booking, Ticket & Registration (AI Powered) plugin <= 4.1.8 Missing Authorization to Authenticated (Subscriber+) Order Information Exposure vulnerability
Events Calendar, Event Booking, Ticket & Registration AI Powered plugin = 4.1.8 Missing Authorization to Authenticated Subscriber+ Order Information Exposure vulnerability discovered by Supakiad S. m3ez - E-CQURITY Thailand in WordPress Plugin WP Event SOlution versions = 4.1.8...
WordPress plugin Eventin – Events Calendar, Event Booking, Ticket & Registration 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress Eventin plugin <= 4.0.8 - Authenticated (Contributor+) Local File Inclusion vulnerability
Authenticated Contributor+ Local File Inclusion vulnerability discovered by stealthcopter in WordPress Plugin Eventin versions = 4.0.8...
CVE-2025-68047
Deserialization of Untrusted Data vulnerability in Arraytics Eventin wp-event-solution allows Object Injection.This issue affects Eventin: from n/a through = 4.1.3...
CVE-2025-68047 WordPress Eventin plugin <= 4.1.3 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Arraytics Eventin wp-event-solution allows Object Injection.This issue affects Eventin: from n/a through = 4.1.3...
CVE-2025-68047 WordPress Eventin plugin <= 4.1.3 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Arraytics Eventin wp-event-solution allows Object Injection.This issue affects Eventin: from n/a through = 4.1.3...
CVE-2025-68047
CVE-2025-68047 affects the WordPress plugin Eventin (WP Event Manager) with versions up to and including 4.1.1. The issue is a deserialization of untrusted data leading to PHP object injection, reported as an authenticated vulnerability (Contributor+ access). Public references in Wordfence Intell...
WordPress Eventin plugin <= 4.1.3 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by w41bu1 in WordPress Plugin Eventin versions = 4.1.3...
WordPress Eventin plugin <= 4.0.51 - Missing Authorization to Unauthenticated Stored Cross-Site Scripting via 'post_settings' vulnerability
Missing Authorization to Unauthenticated Stored Cross-Site Scripting via 'postsettings' vulnerability discovered by Sarawut Poolkhet MisterHelloz in WordPress Plugin Eventin versions = 4.0.51...
CVE-2025-14657
The Eventin – Event Manager, Events Calendar, Event Tickets and Registrations plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'postsettings' function in all versions up to, and including, 4.0.51. This makes it possible for...
CVE-2025-14657
CVE-2025-14657 affects the Eventin – Event Manager, Event Booking, Calendar, Tickets and Registration Plugin for WordPress (AI Powered). The WordFence report confirms an unauthenticated bypass: missing authorization to modify settings via post_settings, allowing data modification. The issue also ...