Lucene search
K

104 matches found

CNNVD
CNNVD
added 2025/04/10 12:0 a.m.6 views

WordPress plugin WpEvently 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...

8.8CVSS8.7AI score0.00419EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/10 12:0 a.m.7 views

PT-2025-15934 · Wpevently · Wpevently

Name of the Vulnerable Software and Affected Versions: WpEvently versions 4.3.5 and earlier Description: The issue is related to Deserialization of Untrusted Data, which allows Object Injection. Recommendations: For versions 4.3.5 and earlier, update to a version later than 4.3.5 to resolve the...

8.8CVSS8.8AI score0.00419EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/04/08 12:33 p.m.7 views

WordPress WpEvently plugin <= 4.3.6 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by LVT-tholv2k in WordPress Plugin WpEvently versions = 4.3.6...

8.8CVSS8.5AI score0.00419EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/03/29 12:11 p.m.19 views

CVE-2025-30887

Missing Authorization vulnerability in magepeopleteam WpEvently mage-eventpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpEvently: from n/a through = 4.2.9...

5.3CVSS7.2AI score0.00346EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/29 11:36 a.m.6 views

CVE-2025-30895

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in magepeopleteam WpEvently mage-eventpress allows PHP Local File Inclusion.This issue affects WpEvently: from n/a through = 4.2.9...

7.5CVSS7.2AI score0.0075EPSS
Exploits0References1
NVD
NVD
added 2025/03/27 11:15 a.m.8 views

CVE-2025-30895

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in magepeopleteam WpEvently mage-eventpress allows PHP Local File Inclusion.This issue affects WpEvently: from n/a through = 4.2.9...

7.5CVSS0.0075EPSS
Exploits0References1
NVD
NVD
added 2025/03/27 11:15 a.m.7 views

CVE-2025-30887

Missing Authorization vulnerability in magepeopleteam WpEvently mage-eventpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpEvently: from n/a through = 4.2.9...

5.3CVSS0.00346EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/03/27 11:14 a.m.5 views

WordPress WpEvently Plugin <= 4.2.9 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by LVT-tholv2k in WordPress Plugin WpEvently versions = 4.2.9...

7.5CVSS7.3AI score0.0075EPSS
Exploits0Affected Software1
Vulnrichment
Vulnrichment
added 2025/03/27 10:55 a.m.4 views

CVE-2025-30895 WordPress WpEvently Plugin <= 4.2.9 - PHP Object Injection vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in magepeopleteam WpEvently mage-eventpress allows PHP Local File Inclusion.This issue affects WpEvently: from n/a through = 4.2.9...

7.5CVSS7.4AI score0.0075EPSS
Exploits0References1
CVE
CVE
added 2025/03/27 10:55 a.m.61 views

CVE-2025-30895

CVE-2025-30895 : In the WordPress plugin “WpEvently” (Event Manager and Tickets Selling Plugin for WooCommerce), versions up to and including 4.2.9 are affected by a path traversal vulnerability that enables PHP Local File Inclusion. The issue is categorized as an authenticated path traversal fla...

7.5CVSS7.2AI score0.0075EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/27 10:55 a.m.17 views

CVE-2025-30895 WordPress WpEvently Plugin <= 4.2.9 - PHP Object Injection vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in magepeopleteam WpEvently mage-eventpress allows PHP Local File Inclusion.This issue affects WpEvently: from n/a through = 4.2.9...

7.5CVSS0.0075EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/27 10:55 a.m.9 views

CVE-2025-30887 WordPress WpEvently Plugin <= 4.2.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in magepeopleteam WpEvently mage-eventpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpEvently: from n/a through = 4.2.9...

5.3CVSS7.3AI score0.00346EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/27 10:55 a.m.18 views

CVE-2025-30887 WordPress WpEvently Plugin <= 4.2.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in magepeopleteam WpEvently mage-eventpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpEvently: from n/a through = 4.2.9...

5.3CVSS0.00346EPSS
Exploits0References1
CVE
CVE
added 2025/03/27 10:55 a.m.55 views

CVE-2025-30887

CVE-2025-30887 is listed with concrete details in connected data: the WordFence entry ties this to the WordPress plugin “Event Manager and Tickets Selling Plugin for WooCommerce — WpEvently.” It identifies an Authenticated (Contributor+) Local File Inclusion vulnerability in WpEvently versions up...

5.3CVSS7.2AI score0.00346EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/03/27 12:0 a.m.7 views

WordPress plugin WpEvently 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

5.3CVSS8.5AI score0.00346EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/03/27 12:0 a.m.2 views

WordPress plugin WpEvently 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...

7.5CVSS8.4AI score0.0075EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/10/24 12:11 p.m.18 views

CVE-2024-49703 WordPress WpEvently plugin <= 4.2.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in magepeopleteam WpEvently mage-eventpress.This issue affects WpEvently: from n/a through = 4.2.5...

6.5CVSS5.9AI score0.00235EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/24 12:11 p.m.23 views

CVE-2024-49703 WordPress WpEvently plugin <= 4.2.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in magepeopleteam WpEvently mage-eventpress.This issue affects WpEvently: from n/a through = 4.2.5...

6.5CVSS0.00235EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/10/21 10:22 a.m.6 views

WordPress WpEvently plugin <= 4.2.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin WpEvently versions = 4.2.5...

6.5CVSS6.1AI score0.00235EPSS
Exploits0Affected Software1
NVD
NVD
added 2024/02/12 8:15 a.m.22 views

CVE-2024-24796

Deserialization of Untrusted Data vulnerability in MagePeople Team Event Manager and Tickets Selling Plugin for WooCommerce – WpEvently – WordPress Plugin.This issue affects Event Manager and Tickets Selling Plugin for WooCommerce – WpEvently – WordPress Plugin: from n/a through 4.1.1...

8.8CVSS8.3AI score0.00499EPSS
Exploits0References1
Rows per page
Query Builder