Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

漏洞数据库 - AI 增强中文 CVE 平台 与情报

浏览 59+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。

Clear Filters
Found 59 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-4109 Eventin – Events Calendar, Event Booking, Ticket & Registration (AI Powered) <= 4.1.8 Missing Authorization to Authenticated (Subscriber+) Order Information Exposure arrayticsEventin – Event Calendar, Event Registration, Tickets & Booking (AI Powered) Medium 4.3 2026-04-14 07:43:04 Deep Dive
CVE-2026-25465 WordPress CP Multi View Event Calendar plugin <= 1.4.36 - Cross Site Scripting (XSS) vulnerability codepeopleCP Multi View Event Calendar Medium 6.5 2026-03-25 16:14:52 Deep Dive
CVE-2026-2355 My Calendar – Accessible Event Manager <= 3.7.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes joedolsonMy Calendar – Accessible Event Manager Medium 6.4 2026-03-04 11:22:30 Deep Dive
CVE-2026-0556 XO Event Calendar <= 3.2.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'xo_event_field' shortcode ishitakaXO Event Calendar Medium 6.4 2026-02-19 04:36:14 Deep Dive
CVE-2026-1941 WP Event Aggregator <= 1.8.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes xylusWP Event Aggregator: Import Eventbrite events, Meetup events, social events and any iCal Events into Event Calendar Medium 6.4 2026-02-18 08:26:03 Deep Dive
CVE-2025-14657 Eventin – Event Manager, Event Booking, Calendar, Tickets and Registration Plugin (AI Powered) <= 4.0.51 - Missing Authorization to Unauthenticated Stored Cross-Site Scripting via 'post_settings' arrayticsEventin – Event Calendar, Event Registration, Tickets & Booking (AI Powered) High 7.2 2026-01-09 07:22:13 Deep Dive
CVE-2025-9875 Event Tickets, RSVPs, Calendar <= 1.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting ticketspotEvent Tickets, RSVPs, Calendar Medium 6.4 2025-10-03 11:17:11 Deep Dive
CVE-2025-58009 WordPress CP Multi View Event Calendar plugin <= 1.4.36 - Broken Access Control vulnerability codepeopleCP Multi View Event Calendar Low 3.8 2025-09-22 18:24:10 Deep Dive
CVE-2025-58861 WordPress Quick Event Calendar Plugin <= 1.4.9 - Cross Site Request Forgery (CSRF) Vulnerability WP CornerQuick Event Calendar High 7.1 2025-09-05 13:45:40 Deep Dive
CVE-2025-7813 Event Manager, Events Calendar, Booking, Registrations and Tickets – Eventin <= 4.0.37 - Unauthenticated Server-Side Request Forgery arrayticsEventin – Event Calendar, Event Registration, Tickets & Booking (AI Powered) High 7.2 2025-08-23 05:48:20 Deep Dive
CVE-2025-52730 WordPress WordPress Event Manager, Event Calendar and Booking Plugin Plugin <= 4.0.24 - Cross Site Scripting (XSS) Vulnerability themefunctionWordPress Event Manager, Event Calendar and Booking Plugin Medium 6.5 2025-08-14 10:34:02 Deep Dive
CVE-2025-52731 WordPress WordPress Event Manager, Event Calendar and Booking Plugin Plugin <= 4.0.24 - Arbitrary Content Deletion Vulnerability themefunctionWordPress Event Manager, Event Calendar and Booking Plugin High 7.5 2025-08-14 10:34:01 Deep Dive
CVE-2025-4796 Eventin <= 4.0.34 - Authenticated (Contributor+) Privilege Escalation via User Email Change/Account Takeover arrayticsEventin – Event Calendar, Event Registration, Tickets & Booking (AI Powered) High 8.8 2025-08-08 18:26:27 Deep Dive
CVE-2025-2799 WP Event Manager <= 3.1.49 - Authenticated (Administrator+) Stored Cross-Site Scripting wpeventmanagerWP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce Medium 4.4 2025-07-16 05:23:51 Deep Dive
CVE-2025-2800 WP Event Manager <= 3.1.50 - Unauthenticated Stored Cross-Site Scripting via 'organizer_name' wpeventmanagerWP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce High 7.2 2025-07-16 05:23:51 Deep Dive
CVE-2023-26001 WordPress Next Event Calendar plugin <= 1.2 - Cross Site Scripting (XSS) Vulnerability Marchetti DesignNext Event Calendar Medium 5.9 2025-06-06 12:54:43 Deep Dive
CVE-2025-27360 WordPress Quick Event Calendar plugin <= 1.4.9 - Cross Site Request Forgery (CSRF) Vulnerability WP CornerQuick Event Calendar Medium 4.3 2025-06-06 12:54:36 Deep Dive
CVE-2025-3527 EventON - WordPress Virtual Event Calendar Plugin <= 4.9.6 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting EventONEventON (Pro) - WordPress Virtual Event Calendar Plugin Medium 6.4 2025-05-17 11:17:16 Deep Dive
CVE-2024-8700 Event Calendar <= 1.0.4 - Unauthenticated Arbitrary Calendar Deletion UnknownEvent Calendar--2025-05-15 20:07:18 Deep Dive
CVE-2025-3419 Event Manager, Events Calendar, Tickets, Registrations – Eventin <= 4.0.26 - Unauthenticated Arbitrary File Read arrayticsEventin – Event Calendar, Event Registration, Tickets & Booking (AI Powered) High 7.5 2025-05-08 05:22:51 Deep Dive