9 matches found
PT-2026-52434
Name of the Vulnerable Software and Affected Versions EventPrime versions prior to 4.3.4.2 Description PHP Object Injection occurs when an application deserializes untrusted data, allowing an attacker to manipulate the object structure and potentially execute arbitrary code or perform unauthorize...
CVE-2026-42669
Missing Authorization vulnerability in EventPrime allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects EventPrime: from n/a through 4.3.2.0...
EUVD-2026-13061
Missing Authorization vulnerability in EventPrime allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EventPrime: from n/a through 4.2.8.3...
CVE-2026-1655 EventPrime <= 4.2.8.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Event Modification via 'event_id' Parameter
The EventPrime plugin for WordPress is vulnerable to unauthorized post modification due to missing authorization checks in all versions up to, and including, 4.2.8.4. This is due to the savefrontendeventsubmission function accepting a user-controlled eventid parameter and updating the correspondi...
EUVD-2024-22195
Malicious code in bioql PyPI...
EUVD-2024-42573
Malicious code in bioql PyPI...
EUVD-2024-50540
Malicious code in bioql PyPI...
EUVD-2023-57565
Malicious code in bioql PyPI...
WordPress plugin EventPrime security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability in the WordPress...