31 matches found
CVE-2025-14029
The Community Events plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxadmineventapproval function in all versions up to, and including, 1.5.6. This makes it possible for unauthenticated attackers to approve arbitrary events via t...
EUVD-2026-3151
The Community Events plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxadmineventapproval function in all versions up to, and including, 1.5.6. This makes it possible for unauthenticated attackers to approve arbitrary events via t...
CVE-2025-14029 Community Events <= 1.5.6 - Missing Authorization to Unauthenticated Arbitrary Event Approval via 'eventlist' Parameter
The Community Events plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxadmineventapproval function in all versions up to, and including, 1.5.6. This makes it possible for unauthenticated attackers to approve arbitrary events via t...
WordPress Community Events plugin <= 1.5.6 - Missing Authorization to Unauthenticated Arbitrary Event Approval via 'eventlist' Parameter vulnerability
Missing Authorization to Unauthenticated Arbitrary Event Approval via 'eventlist' Parameter vulnerability discovered by Itthidej Aramsri Boeing777 in WordPress Plugin Community Events versions = 1.5.6...
EUVD-2007-4492
Malware in sbrugna...
EUVD-2018-16864
Malware in sbrugna...
EUVD-2025-25335
Malicious code in bioql PyPI...
WordPress Event List plugin <= 2.0.4 - Authenticated (Subscriber+) Privilege Escalation vulnerability
Authenticated Subscriber+ Privilege Escalation vulnerability discovered by Tonn in WordPress Plugin eventlist versions = 2.0.4...
CVE-2025-53204
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ovatheme eventlist eventlist allows PHP Local File Inclusion.This issue affects eventlist: from n/a through = 1.9.2...
CVE-2025-53204
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ovatheme eventlist eventlist allows PHP Local File Inclusion.This issue affects eventlist: from n/a through = 1.9.2...
CVE-2025-53204 WordPress eventlist plugin <= 1.9.2 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ovatheme eventlist eventlist allows PHP Local File Inclusion.This issue affects eventlist: from n/a through = 1.9.2...
CVE-2025-53204 WordPress eventlist plugin <= 1.9.2 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ovatheme eventlist allows PHP Local File Inclusion. This issue affects eventlist: from n/a through 1.9.2...
CVE-2025-53204
CVE-2025-53204 is a Local File Inclusion vulnerability in the WordPress plugin Event List (ovatheme eventlist) affecting versions up to 1.9.2, caused by improper filename control for include/require statements. The vulnerability enables LFI and has a high impact (CVSS 3.1: 8.1). The issue is list...
WordPress plugin eventlist 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2025-33970 · Unknown · Ovatheme Eventlist
Name of the Vulnerable Software and Affected Versions: ovatheme eventlist versions through 1.9.2 Description: This issue involves an Improper Control of Filename for Include/Require Statement, also known as a PHP Remote File Inclusion, in ovatheme eventlist. This allows for PHP Local File...
WordPress eventlist plugin <= 1.9.2 - Local File Inclusion Vulnerability
Local File Inclusion Vulnerability discovered by Bonds in WordPress Plugin eventlist versions = 1.9.2...
GHSA-X3V2-FGR6-3WMM Double free in fil-ocl
An issue was discovered in the fil-ocl crate through 2021-01-04 for Rust. From can lead to a double free...
Rust 资源管理错误漏洞
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in Rust fil-ocl crate through 2021-01-04, which stems from From leading to double free.No details of the vulnerability are available at this time...
RUSTSEC-2021-0011 EventList's From<EventList> conversions can double drop on panic.
Affected versions of this crate read from a container using ptr::read in From, and then call a user specified Into function. This issue can result in a double-free if the user provided function panics...
EventList's From<EventList> conversions can double drop on panic.
Affected versions of this crate read from a container using ptr::read in From, and then call a user specified Into function. This issue can result in a double-free if the user provided function panics...