Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

The Events Calendar Security Vulnerabilities

cve
cve

CVE-2019-15109

The the-events-calendar plugin before 4.8.2 for WordPress has XSS via the tribe_paged URL parameter.

6.1CVSS

6AI Score

0.001EPSS

2019-08-21 12:15 PM
27
cve
cve

CVE-2023-6203

The Events Calendar WordPress plugin before 6.2.8.1 discloses the content of password protected posts to unauthenticated users via a crafted request

7.5CVSS

7.5AI Score

0.001EPSS

2023-12-18 08:15 PM
18
cve
cve

CVE-2023-6557

The The Events Calendar plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.2.8.2 via the route function hooked into wp_ajax_nopriv_tribe_dropdown. This makes it possible for unauthenticated attackers to extract potentially sensitive data inc...

5.3CVSS

5.1AI Score

0.001EPSS

2024-02-05 10:15 PM
33
cve
cve

CVE-2024-1295

The events-calendar-pro WordPress plugin before 6.4.0.1, The Events Calendar WordPress plugin before 6.4.0.1 does not prevent users with at least the contributor role from leaking details about events they shouldn't have access to. (e.g. password-protected events, drafts, etc.)

6.5CVSS

6.4AI Score

0.0005EPSS

2024-06-14 06:15 AM
34