| CVE-2025-62027 | WordPress Event Tickets plugin <= 5.26.3 - Broken Access Control vulnerability | StellarWP | Event Tickets | - | - | 2025-10-22 14:32:51 | Deep Dive |
| CVE-2025-11517 | Event Tickets and Registration <= 5.26.5 - Unauthenticated Ticket Payment Bypass | stellarwp | Event Tickets and Registration | High | 7.5 | 2025-10-18 06:42:44 | Deep Dive |
| CVE-2025-9875 | Event Tickets, RSVPs, Calendar <= 1.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting | ticketspot | Event Tickets, RSVPs, Calendar | Medium | 6.4 | 2025-10-03 11:17:11 | Deep Dive |
| CVE-2025-53452 | WordPress Event Rocket Plugin <= 3.3 - Broken Access Control Vulnerability | Barry | Event Rocket | Medium | 4.3 | 2025-09-22 18:25:44 | Deep Dive |
| CVE-2025-58009 | WordPress CP Multi View Event Calendar plugin <= 1.4.36 - Broken Access Control vulnerability | codepeople | CP Multi View Event Calendar | Low | 3.8 | 2025-09-22 18:24:10 | Deep Dive |
| CVE-2025-10104 | code-projects Online Event Judging System review_search.php sql injection | code-projects | Online Event Judging System | High | 7.3 | 2025-09-08 20:02:07 | Deep Dive |
| CVE-2025-10103 | code-projects Online Event Judging System home.php sql injection | code-projects | Online Event Judging System | High | 7.3 | 2025-09-08 19:02:07 | Deep Dive |
| CVE-2025-10102 | code-projects Online Event Judging System index.php sql injection | code-projects | Online Event Judging System | High | 7.3 | 2025-09-08 18:32:10 | Deep Dive |
| CVE-2025-58861 | WordPress Quick Event Calendar Plugin <= 1.4.9 - Cross Site Request Forgery (CSRF) Vulnerability | WP Corner | Quick Event Calendar | High | 7.1 | 2025-09-05 13:45:40 | Deep Dive |
| CVE-2025-58623 | WordPress Event Feed for Eventbrite Plugin <= 1.3.2 - Cross Site Scripting (XSS) Vulnerability | Bohemia Plugins | Event Feed for Eventbrite | Medium | 6.5 | 2025-09-03 14:36:51 | Deep Dive |
| CVE-2025-9610 | code-projects Online Event Judging System create_account.php sql injection | code-projects | Online Event Judging System | High | 7.3 | 2025-08-29 03:32:09 | Deep Dive |
| CVE-2025-6366 | Event List <= 2.0.4 - Authenticated (Subscriber+) Privilege Escalation | ovatheme.com | Event List | High | 8.8 | 2025-08-26 14:26:54 | Deep Dive |
| CVE-2025-7813 | Event Manager, Events Calendar, Booking, Registrations and Tickets – Eventin <= 4.0.37 - Unauthenticated Server-Side Request Forgery | arraytics | Eventin – Event Calendar, Event Registration, Tickets & Booking (AI Powered) | High | 7.2 | 2025-08-23 05:48:20 | Deep Dive |
| CVE-2025-52730 | WordPress WordPress Event Manager, Event Calendar and Booking Plugin Plugin <= 4.0.24 - Cross Site Scripting (XSS) Vulnerability | themefunction | WordPress Event Manager, Event Calendar and Booking Plugin | Medium | 6.5 | 2025-08-14 10:34:02 | Deep Dive |
| CVE-2025-52731 | WordPress WordPress Event Manager, Event Calendar and Booking Plugin Plugin <= 4.0.24 - Arbitrary Content Deletion Vulnerability | themefunction | WordPress Event Manager, Event Calendar and Booking Plugin | High | 7.5 | 2025-08-14 10:34:01 | Deep Dive |
| CVE-2025-4796 | Eventin <= 4.0.34 - Authenticated (Contributor+) Privilege Escalation via User Email Change/Account Takeover | arraytics | Eventin – Event Calendar, Event Registration, Tickets & Booking (AI Powered) | High | 8.8 | 2025-08-08 18:26:27 | Deep Dive |
| CVE-2025-2799 | WP Event Manager <= 3.1.49 - Authenticated (Administrator+) Stored Cross-Site Scripting | wpeventmanager | WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce | Medium | 4.4 | 2025-07-16 05:23:51 | Deep Dive |
| CVE-2025-2800 | WP Event Manager <= 3.1.50 - Unauthenticated Stored Cross-Site Scripting via 'organizer_name' | wpeventmanager | WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce | High | 7.2 | 2025-07-16 05:23:51 | Deep Dive |
| CVE-2025-5540 | Event RSVP and Simple Event Management Plugin <= 4.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | emarket-design | Event RSVP and Simple Event Management Plugin | Medium | 6.4 | 2025-06-26 02:06:36 | Deep Dive |
| CVE-2025-49980 | WordPress WP User Profile Avatar plugin <= 1.0.6 - Broken Access Control Vulnerability | WP Event Manager | WP User Profile Avatar | Medium | 4.3 | 2025-06-20 15:04:13 | Deep Dive |