79 matches found
CVE-2025-68045
Unauthenticated Broken Access Control in WP Event SOlution = 4.1.12 versions...
EUVD-2025-210166
Unauthenticated Broken Access Control in WP Event SOlution = 4.1.12 versions...
CVE-2025-68045
CVE-2025-68045 concerns the WordPress WP Event Solution plugin, affected versions
EUVD-2026-36985
Unauthenticated Broken Access Control in WP Event SOlution = 4.1.8 versions...
CVE-2026-40776
Unauthenticated Broken Access Control in WP Event SOlution = 4.1.8 versions...
PT-2026-49420
Unauthenticated Broken Access Control in WP Event SOlution = 4.1.8 versions...
CVE-2024-32110 WordPress Event Manager and Tickets Selling Plugin for WooCommerce plugin <= 4.1.2 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site request forgery CSRF vulnerability in Magepeople inc. WpEvently allows Cross Site Request Forgery. This issue affects WpEvently: from n/a through 4.1.2...
PT-2026-20364
The WP Event Aggregator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wp events' shortcode in all versions up to, and including, 1.8.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-68047 WordPress Eventin plugin <= 4.1.3 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Arraytics Eventin wp-event-solution allows Object Injection.This issue affects Eventin: from n/a through = 4.1.3...
PT-2026-4071
Name of the Vulnerable Software and Affected Versions Arraytics Eventin versions through 4.1.1 Description The software contains a flaw due to deserialization of untrusted data, which allows for object injection. This could potentially allow an attacker to compromise the system. Recommendations...
CVE-2025-69012 WordPress Event Organiser plugin <= 3.12.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in Stephen Harris Event Organiser event-organiser allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Event Organiser: from n/a through = 3.12.8...
CVE-2025-66083
Missing Authorization vulnerability in magepeopleteam WpEvently mage-eventpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpEvently: from n/a through = 5.0.4...
CVE-2025-62042
CVE-2025-62042 is a Cross-Site Scripting (XSS) vulnerability in the WordPress plugin “Event post” (event-post) affecting versions up to and including 5.10.3. The issue stems from improper input neutralization during web page generation, enabling an attacker to inject malicious scripts. Exploitati...
EUVD-2017-9692
Malware in sbrugna...
EUVD-2025-24787
Malicious code in bioql PyPI...
EUVD-2025-24788
Malicious code in bioql PyPI...
EUVD-2024-32999
Malicious code in bioql PyPI...
CVE-2025-6366
CVE-2025-6366 – The Event List WordPress plugin (versions ≤ 2.0.4) is vulnerable to privilege escalation due to insufficient validation of user capabilities in el_update_profile(). Authenticated users with Subscriber+ can elevate to administrator. Evidence from Wordfence/NVD/CVE records indicates...
CVE-2025-52730
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themefunction WordPress Event Manager, Event Calendar and Booking Plugin eventin-pro allows Stored XSS.This issue affects WordPress Event Manager, Event Calendar and Booking Plugin: from n/a throug...
CVE-2025-52731
Missing Authorization vulnerability in themefunction WordPress Event Manager, Event Calendar and Booking Plugin eventin-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Event Manager, Event Calendar and Booking Plugin: from n/a through =...