15 matches found
CVE-2025-69045
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in FooEvents FooEvents for WooCommerce fooevents allows SQL Injection.This issue affects FooEvents for WooCommerce: from n/a through = 1.20.4...
CVE-2025-69045
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in FooEvents FooEvents for WooCommerce fooevents allows SQL Injection.This issue affects FooEvents for WooCommerce: from n/a through = 1.20.4...
CVE-2025-69045 WordPress FooEvents for WooCommerce plugin <= 1.20.4 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in FooEvents FooEvents for WooCommerce fooevents allows SQL Injection.This issue affects FooEvents for WooCommerce: from n/a through = 1.20.4...
CVE-2025-69045 WordPress FooEvents for WooCommerce plugin <= 1.20.4 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in FooEvents FooEvents for WooCommerce fooevents allows SQL Injection.This issue affects FooEvents for WooCommerce: from n/a through = 1.20.4...
CVE-2025-69045
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in FooEvents FooEvents for WooCommerce fooevents allows SQL Injection.This issue affects FooEvents for WooCommerce: from n/a through = 1.20.4...
CVE-2025-69045
CVE-2025-69045 is a SQL Injection vulnerability in FooEvents for WooCommerce (FooEvents for WooCommerce) that affects versions up to and including 1.20.4. The issue arises from improper neutralization of user-supplied input in SQL queries, enabling an attacker with network access to potentially r...
PT-2026-4133
Name of the Vulnerable Software and Affected Versions FooEvents for WooCommerce versions through 1.20.4 Description A flaw exists in FooEvents for WooCommerce that allows for SQL Injection. The issue is due to improper neutralization of special elements within SQL commands. This could potentially...
WordPress plugin FooEvents for WooCommerce: SQL injection vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
WordPress FooEvents for WooCommerce plugin <= 1.20.4 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Plugin FooEvents for WooCommerce versions = 1.20.4...
CVE-2024-6000
The FooEvents for WooCommerce plugin for WordPress is vulnerable to unauthorized arbitrary file uploads due to an improper capability setting on the 'displayticketthemespage' function in versions up to, and including, 1.19.20. This makes it possible for authenticated attackers with...
CVE-2024-6000
The FooEvents for WooCommerce plugin for WordPress is vulnerable to unauthorized arbitrary file uploads due to an improper capability setting on the 'displayticketthemespage' function in versions up to, and including, 1.19.20. This makes it possible for authenticated attackers with...
CVE-2024-6000 FooEvents for WooCommerce <= 1.19.20 - Improper Authorization to (Contributor+) Arbitrary File Upload
The FooEvents for WooCommerce plugin for WordPress is vulnerable to unauthorized arbitrary file uploads due to an improper capability setting on the 'displayticketthemespage' function in versions up to, and including, 1.19.20. This makes it possible for authenticated attackers with...
WordPress Plugin FooEvents for WooCommerce Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
WordPress FooEvents for WooCommerce plugin <= 1.19.20 - Authenticated Arbitrary File Upload vulnerability
Authenticated Arbitrary File Upload vulnerability discovered by István Márton in WordPress Plugin FooEvents for WooCommerce versions = 1.19.20...
WordPress FooEvents for WooCommerce Plugin <= 1.19.20 is vulnerable to Arbitrary File Upload
Software FooEvents for WooCommerce Type Plugin Vulnerable versions = 1.19.20 Fixed in 1.19.21 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-6000 Patch priority Medium CVSS severity Medium 8.8 Developer Claim ownership PSID 712d717f0e84 Credits István Márton Required...