Lucene search

K

Theeventscalendar Security Vulnerabilities

cve
cve

CVE-2024-2261

The Event Tickets and Registration plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.8.2 via the RSVP functionality. This makes it possible for authenticated attackers, with contributor access and above, to extract sensitive data including....

4.3CVSS

9AI Score

0.0004EPSS

2024-04-09 07:15 PM
32
cve
cve

CVE-2024-1053

The Event Tickets and Registration plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'email' action in all versions up to, and including, 5.8.1. This makes it possible for authenticated attackers, with contributor-level access and above, to.....

4.3CVSS

5.2AI Score

0.0004EPSS

2024-02-22 06:15 AM
46
cve
cve

CVE-2023-6557

The The Events Calendar plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.2.8.2 via the route function hooked into wp_ajax_nopriv_tribe_dropdown. This makes it possible for unauthenticated attackers to extract potentially sensitive data...

5.3CVSS

5.1AI Score

0.001EPSS

2024-02-05 10:15 PM
31
cve
cve

CVE-2021-25025

The EventCalendar WordPress plugin before 1.1.51 does not have proper authorisation and CSRF checks in the add_calendar_event AJAX actions, allowing users with a role as low as subscriber to create...

4.3CVSS

4.5AI Score

0.001EPSS

2022-01-17 01:15 PM
28
cve
cve

CVE-2021-25024

The EventCalendar WordPress plugin before 1.1.51 does not escape some user input before outputting it back in attributes, leading to Reflected Cross-SIte Scripting...

6.1CVSS

6.1AI Score

0.001EPSS

2022-01-17 01:15 PM
24
cve
cve

CVE-2015-5485

Cross-site scripting (XSS) vulnerability in the Event Import page (import-eventbrite-events.php) in the Modern Tribe Eventbrite Tickets plugin before 3.10.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the "error" parameter to...

6AI Score

0.004EPSS

2015-08-18 03:59 PM
20