18 matches found
CVE-2026-32354
Insertion of Sensitive Information Into Sent Data vulnerability in magepeopleteam WpEvently mage-eventpress allows Retrieve Embedded Sensitive Data.This issue affects WpEvently: from n/a through 5.1.9...
CVE-2026-25361 WordPress WpEvently plugin <= 5.1.4 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in magepeopleteam WpEvently mage-eventpress allows Reflected XSS.This issue affects WpEvently: from n/a through = 5.1.4...
CVE-2026-25361
CVE-2026-25361 affects the WordPress plugin set described in the provided documents as a reflection-based cross-site scripting issue. The Initial Description states a Reflected XSS in magepeopleteam WpEvently mage-eventpress, impacting WpEvently versions from n/a through
PT-2026-27922
Name of the Vulnerable Software and Affected Versions WpEvently versions through 5.1.4 Description The software contains a flaw due to improper neutralization of input during web page generation, leading to a Reflected Cross-Site Scripting XSS condition. This allows for the execution of malicious...
EUVD-2026-11842
Insertion of Sensitive Information Into Sent Data vulnerability in magepeopleteam WpEvently mage-eventpress allows Retrieve Embedded Sensitive Data.This issue affects WpEvently: from n/a through 5.1.9...
CVE-2026-32354
Insertion of Sensitive Information Into Sent Data vulnerability in magepeopleteam WpEvently mage-eventpress allows Retrieve Embedded Sensitive Data.This issue affects WpEvently: from n/a through 5.1.9...
CVE-2026-32354
Insertion of Sensitive Information Into Sent Data vulnerability in magepeopleteam WpEvently mage-eventpress allows Retrieve Embedded Sensitive Data.This issue affects WpEvently: from n/a through 5.1.9...
CVE-2026-23549
Deserialization of Untrusted Data vulnerability in magepeopleteam WpEvently mage-eventpress allows Object Injection.This issue affects WpEvently: from n/a through = 5.1.1...
CVE-2026-24942
Cross-Site Request Forgery CSRF vulnerability in magepeopleteam WpEvently mage-eventpress allows Cross Site Request Forgery.This issue affects WpEvently: from n/a through = 5.1.1...
CVE-2026-24942
Cross-Site Request Forgery CSRF vulnerability in magepeopleteam WpEvently mage-eventpress allows Cross Site Request Forgery.This issue affects WpEvently: from n/a through = 5.1.1...
CVE-2026-24954 WordPress WpEvently plugin <= 5.0.8 - Deserialization of untrusted data vulnerability
Deserialization of Untrusted Data vulnerability in magepeopleteam WpEvently mage-eventpress allows Object Injection.This issue affects WpEvently: from n/a through = 5.0.8...
CVE-2026-24954
CVE-2026-24954 concerns the WordPress plugin WpEvently mage-eventpress. The vulnerability is due to deserialization of untrusted data, enabling object injection in the affected software. Affected versions are n/a through 5.0.8 for WpEvently mage-eventpress. Public records consistently describe th...
PT-2026-6218
Name of the Vulnerable Software and Affected Versions WpEvently versions through 5.1.1 Description A Cross-Site Request Forgery CSRF issue exists in WpEvently mage-eventpress. This allows attackers to perform actions on behalf of authenticated users without their knowledge. Recommendations Update...
CVE-2025-66082
Missing Authorization vulnerability in magepeopleteam WpEvently mage-eventpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpEvently: from n/a through = 5.0.4...
CVE-2025-66083 WordPress WpEvently plugin <= 5.0.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in magepeopleteam WpEvently mage-eventpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpEvently: from n/a through = 5.0.4...
PT-2025-35078
Name of the Vulnerable Software and Affected Versions: WpEvently versions through 4.4.8 Description: Deserialization of untrusted data in WpEvently allows for object injection. Recommendations: Update WpEvently to a version later than 4.4.8...
CVE-2025-30895
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in magepeopleteam WpEvently mage-eventpress allows PHP Local File Inclusion.This issue affects WpEvently: from n/a through = 4.2.9...
CVE-2025-30887
Missing Authorization vulnerability in magepeopleteam WpEvently mage-eventpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpEvently: from n/a through = 4.2.9...