Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 478 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2024-7149 Event Manager, Events Calendar, Tickets, Registrations – Eventin <= 4.0.8 - Authenticated (Contributor+) Local File Inclusion arrayticsEventin – Event Calendar, Event Registration, Tickets & Booking (AI Powered) High 8.8 2024-09-27 13:52:55 Deep Dive
CVE-2024-6931 The Events Calendar <= 6.6.3 - Unauthenticated Stored Cross-Site Scripting stellarwpThe Events Calendar High 7.2 2024-09-27 08:46:25 Deep Dive
CVE-2024-8275 The Events Calendar <= 6.6.4 - Unauthenticated SQL Injection stellarwpThe Events Calendar Critical 9.8 2024-09-25 04:30:29 Deep Dive
CVE-2024-8549 Simple Calendar – Google Calendar Plugin <= 3.4.2 - Reflected Cross-Site Scripting simplecalendarSimple Calendar – Google Calendar Plugin Medium 6.1 2024-09-25 02:05:02 Deep Dive
CVE-2024-8671 WooEvents <= 4.1.2 - Unauthenticated Arbitrary File Overwrite Ex-ThemesWooEvents - Calendar and Event Booking Critical 9.1 2024-09-24 03:06:38 Deep Dive
CVE-2024-8432 Appointment & Event Booking Calendar Plugin – Webba Booking <= 5.0.48 - Missing Authorization to Authenticated (Subscriber+) CSS Settings Update webba-agencyEasy Appointment Booking & Scheduling System – Webba Booking Calendar Medium 4.3 2024-09-24 01:56:45 Deep Dive
CVE-2024-43969 WordPress Spiffy Calendar plugin <= 4.9.12 - SQL Injection vulnerability Spiffy PluginsSpiffy Calendar High 7.6 2024-09-17 22:33:52 Deep Dive
CVE-2024-45457 WordPress Spiffy Calendar plugin <= 4.9.13 - Cross Site Scripting (XSS) vulnerability Spiffy PluginsSpiffy Calendar Medium 6.5 2024-09-15 07:43:48 Deep Dive
CVE-2024-45458 WordPress Spiffy Calendar plugin <= 4.9.13 - Reflected Cross Site Scripting (XSS) vulnerability Spiffy PluginsSpiffy Calendar High 7.1 2024-09-15 07:42:42 Deep Dive
CVE-2024-8797 WP Booking System – Booking Calendar <= 2.0.19.8 - Reflected Cross-Site Scripting murgrolandWP Booking System – Booking Calendar Medium 6.1 2024-09-14 05:40:43 Deep Dive
CVE-2024-8663 WP Simple Booking Calendar <= 2.0.10 - Reflected Cross-Site Scripting murgrolandWP Simple Booking Calendar Medium 6.1 2024-09-13 06:47:30 Deep Dive
CVE-2024-7129 Appointment Booking Calendar < 1.6.7.43 - Admin+ Template Injection to RCE UnknownAppointment Booking Calendar — Simply Schedule Appointments Booking Plugin--2024-09-13 06:00:04 Deep Dive
CVE-2024-45303 Discourse Calendar plugin event names susceptible to XSS discoursediscourse-calendar Medium 6.1 2024-09-12 18:11:47 Deep Dive
CVE-2024-8369 EventPrime <= 4.0.4.3 - Missing Authorization to Unauthenticated Private or Password-Protected Events Disclosure metagaussEventPrime – Events Calendar, Bookings and Tickets Medium 5.3 2024-09-10 11:30:32 Deep Dive
CVE-2024-6332 Booking for Appointments and Events Calendar – Amelia Premium <= 7.7 and Lite <= 1.2.4 - Missing Authorization to Sensitive Information Exposure ameliabookingBooking for Appointments and Events Calendar – Amelia Medium 6.5 2024-09-05 09:29:49 Deep Dive
CVE-2024-21658 Insufficient control of region value length in discourse-calendar discoursediscourse-calendar Medium 4.3 2024-08-30 17:18:41 Deep Dive
CVE-2024-8274 WP Booking Calendar <= 10.5 - Reflected Cross-Site Scripting wpdevelopBooking Calendar Medium 6.1 2024-08-30 09:29:49 Deep Dive
CVE-2024-8016 The Events Calendar Pro <= 7.0.2 - Authenticated (Administrator+) PHP Object Injection to Remote Code Execution theeventscalendarThe Events Calendar Pro Critical 9.1 2024-08-30 06:52:16 Deep Dive
CVE-2024-39638 WordPress Registrations for the Events Calendar plugin <= 2.12.2 - SQL Injection vulnerability Roundup WPRegistrations for the Events Calendar High 8.5 2024-08-29 14:19:56 Deep Dive
CVE-2024-6552 Booking for Appointments and Events Calendar – Amelia <= 1.2 - Unauthenticated Full Path Disclosure ameliabookingBooking for Appointments and Events Calendar – Amelia Medium 5.3 2024-08-08 03:30:46 Deep Dive