6 matches found
WordPress plugin WpEvently 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
CVE-2025-32145
Deserialization of Untrusted Data vulnerability in magepeopleteam WpEvently mage-eventpress allows Object Injection.This issue affects WpEvently: from n/a through = 4.3.6...
CVE-2025-32145
CVE-2025-32145 is a deserialization (PHP Object Injection) vulnerability in the WordPress plugin WpEvently (mage-eventpress). Affected versions: up to 4.3.5 (the Wordfence entry notes a fix in 4.3.6). Root cause: deserialization of untrusted data leading to object injection. Impact (per the CVSS ...
CVE-2025-30887
Missing Authorization vulnerability in magepeopleteam WpEvently mage-eventpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpEvently: from n/a through = 4.2.9...
CVE-2025-30895
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in magepeopleteam WpEvently mage-eventpress allows PHP Local File Inclusion.This issue affects WpEvently: from n/a through = 4.2.9...
CVE-2025-30895
CVE-2025-30895 : In the WordPress plugin “WpEvently” (Event Manager and Tickets Selling Plugin for WooCommerce), versions up to and including 4.2.9 are affected by a path traversal vulnerability that enables PHP Local File Inclusion. The issue is categorized as an authenticated path traversal fla...