CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

NVD•added 2026/01/17 5:16 a.m.•3 views

CVE-2025-14029

The Community Events plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxadmineventapproval function in all versions up to, and including, 1.5.6. This makes it possible for unauthenticated attackers to approve arbitrary events via t...

5.3CVSS0.00146EPSS

Exploits0References5

EUVD•added 2026/01/17 4:34 a.m.•2 views

EUVD-2026-3151

5.3CVSS5AI score0.00146EPSS

Exploits0References6

Cvelist•added 2026/01/17 4:34 a.m.•20 views

CVE-2025-14029 Community Events <= 1.5.6 - Missing Authorization to Unauthenticated Arbitrary Event Approval via 'eventlist' Parameter

5.3CVSS0.00146EPSS

Exploits0References5

Patchstack•added 2026/01/16 11:44 p.m.•5 views

WordPress Community Events plugin <= 1.5.6 - Missing Authorization to Unauthenticated Arbitrary Event Approval via 'eventlist' Parameter vulnerability

Missing Authorization to Unauthenticated Arbitrary Event Approval via 'eventlist' Parameter vulnerability discovered by Itthidej Aramsri Boeing777 in WordPress Plugin Community Events versions = 1.5.6...

5.3CVSS7AI score0.00146EPSS

Exploits0References1Affected Software1

CNVD•added 2018/01/04 12:0 a.m.•1 views

Online Ticket Booking Cross-Site Scripting Vulnerability

Advanced Real Estate Script is a ready-made real estate website script.Online Ticket Booking is one of the online booking systems. A cross-site scripting vulnerability exists in Online Ticket Booking in Advanced Real Estate Script. The vulnerability can be exploited to conduct cross-site scriptin...

4.8CVSS6.4AI score0.00219EPSS

Exploits1References1