Lucene search
K

79 matches found

NVD
NVD
added 2026/06/16 10:16 a.m.9 views

CVE-2025-68045

Unauthenticated Broken Access Control in WP Event SOlution = 4.1.12 versions...

7.5CVSS0.00232EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/16 9:0 a.m.7 views

EUVD-2025-210166

Unauthenticated Broken Access Control in WP Event SOlution = 4.1.12 versions...

7.5CVSS5.2AI score0.00232EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 9:0 a.m.12 views

CVE-2025-68045

CVE-2025-68045 concerns the WordPress WP Event Solution plugin, affected versions

7.5CVSS5.1AI score0.00232EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/15 9:30 p.m.7 views

EUVD-2026-36985

Unauthenticated Broken Access Control in WP Event SOlution = 4.1.8 versions...

7.5CVSS5.1AI score0.00414EPSS
Exploits2References2
NVD
NVD
added 2026/06/15 9:16 p.m.7 views

CVE-2026-40776

Unauthenticated Broken Access Control in WP Event SOlution = 4.1.8 versions...

7.5CVSS0.00414EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.10 views

PT-2026-49420

Unauthenticated Broken Access Control in WP Event SOlution = 4.1.8 versions...

7.5CVSS5.1AI score0.00414EPSS
Exploits2References2
Cvelist
Cvelist
added 2026/06/11 7:5 a.m.31 views

CVE-2024-32110 WordPress Event Manager and Tickets Selling Plugin for WooCommerce plugin <= 4.1.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site request forgery CSRF vulnerability in Magepeople inc. WpEvently allows Cross Site Request Forgery. This issue affects WpEvently: from n/a through 4.1.2...

4.3CVSS0.001EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/18 12:0 a.m.4 views

PT-2026-20364

The WP Event Aggregator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wp events' shortcode in all versions up to, and including, 1.8.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5.7AI score0.0025EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/01/22 4:52 p.m.19 views

CVE-2025-68047 WordPress Eventin plugin <= 4.1.3 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Arraytics Eventin wp-event-solution allows Object Injection.This issue affects Eventin: from n/a through = 4.1.3...

8.8CVSS0.00468EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.9 views

PT-2026-4071

Name of the Vulnerable Software and Affected Versions Arraytics Eventin versions through 4.1.1 Description The software contains a flaw due to deserialization of untrusted data, which allows for object injection. This could potentially allow an attacker to compromise the system. Recommendations...

5.4AI score0.00468EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/30 10:47 a.m.26 views

CVE-2025-69012 WordPress Event Organiser plugin <= 3.12.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in Stephen Harris Event Organiser event-organiser allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Event Organiser: from n/a through = 3.12.8...

4.3CVSS0.00206EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/22 12:33 p.m.9 views

CVE-2025-66083

Missing Authorization vulnerability in magepeopleteam WpEvently mage-eventpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpEvently: from n/a through = 5.0.4...

5.3CVSS6.9AI score0.00222EPSS
Exploits0References1
CVE
CVE
added 2025/10/22 2:32 p.m.9 views

CVE-2025-62042

CVE-2025-62042 is a Cross-Site Scripting (XSS) vulnerability in the WordPress plugin “Event post” (event-post) affecting versions up to and including 5.10.3. The issue stems from improper input neutralization during web page generation, enabling an attacker to inject malicious scripts. Exploitati...

6.5CVSS6AI score0.0016EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-9692

Malware in sbrugna...

6.1CVSS6.3AI score0.00905EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-24787

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00196EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-24788

Malicious code in bioql PyPI...

7.5CVSS6.5AI score0.00341EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-32999

Malicious code in bioql PyPI...

7.3CVSS8.6AI score0.00492EPSS
Exploits0References2
CVE
CVE
added 2025/08/26 2:26 p.m.18 views

CVE-2025-6366

CVE-2025-6366 – The Event List WordPress plugin (versions ≤ 2.0.4) is vulnerable to privilege escalation due to insufficient validation of user capabilities in el_update_profile(). Authenticated users with Subscriber+ can elevate to administrator. Evidence from Wordfence/NVD/CVE records indicates...

8.8CVSS6.5AI score0.00284EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/08/16 11:25 a.m.3 views

CVE-2025-52730

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themefunction WordPress Event Manager, Event Calendar and Booking Plugin eventin-pro allows Stored XSS.This issue affects WordPress Event Manager, Event Calendar and Booking Plugin: from n/a throug...

6.5CVSS5.9AI score0.00196EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/16 11:25 a.m.3 views

CVE-2025-52731

Missing Authorization vulnerability in themefunction WordPress Event Manager, Event Calendar and Booking Plugin eventin-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Event Manager, Event Calendar and Booking Plugin: from n/a through =...

7.5CVSS5.9AI score0.00341EPSS
Exploits0References1
Rows per page
Query Builder