The Events Calendar Security Vulnerabilities and Issues — The Events Calendar CVE List

Lucene search

TriThe Events Calendar

3 matches found

CVE•added 2024/12/16 6:15 a.m.•86 views

CVE-2024-5333

The Events Calendar WordPress plugin before 6.8.2.1 is missing access checks in the REST API, allowing for unauthenticated users to access information about password protected events.

5.3CVSS6.5AI score0.0003EPSS

CVE•added 2024/06/14 6:15 a.m.•60 views

CVE-2024-1295

The events-calendar-pro WordPress plugin before 6.4.0.1, The Events Calendar WordPress plugin before 6.4.0.1 does not prevent users with at least the contributor role from leaking details about events they shouldn't have access to. (e.g. password-protected events, drafts, etc.)

6.5CVSS6.7AI score0.00659EPSS

CVE•added 2024/06/04 6:15 a.m.•30 views

CVE-2024-4180

The Events Calendar WordPress plugin before 6.4.0.1 does not properly sanitize user-submitted content when rendering some views via AJAX.

9.1CVSS7.1AI score0.00997EPSS