Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 316 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2025-31416 WordPress Awesome Event Booking plugin <= 2.8.4 - Reflected Cross Site Scripting (XSS) vulnerability AwesomeTOGIAwesome Event Booking High 7.1 2025-04-04 13:21:57 Deep Dive
CVE-2025-31739 WordPress Minimalistic Event Manager plugin <= 1.1.1 - Broken Access Control vulnerability Manuel SchmalstiegMinimalistic Event Manager Medium 6.4 2025-04-03 13:27:13 Deep Dive
CVE-2025-31462 WordPress CGM Event Calendar plugin <= 0.8.5 - Cross Site Scripting (XSS) Vulnerability rzfarrellCGM Event Calendar High 7.1 2025-04-01 20:58:11 Deep Dive
CVE-2025-30794 WordPress Event Tickets plugin <= 5.20.0 - Reflected Cross Site Scripting (XSS) vulnerability StellarWPEvent Tickets High 7.1 2025-04-01 05:31:37 Deep Dive
CVE-2025-31595 WordPress Timeline Event History plugin <= 3.2 - Cross Site Scripting (XSS) vulnerability wpdiscoverTimeline Event History Medium 6.5 2025-03-31 12:55:30 Deep Dive
CVE-2025-1762 Event Tickets with Ticket Scanner < 2.5.4 - Arbitrary Tickets Deletion via CSRF UnknownEvent Tickets with Ticket Scanner 中危 -2025-03-28 06:00:04 Deep Dive
CVE-2025-22668 WordPress Awesome Event Booking plugin <= 2.7.2 - Broken Access Control vulnerability AwesomeTOGIAwesome Event Booking Medium 6.5 2025-03-27 14:23:14 Deep Dive
CVE-2025-22669 WordPress Awesome Event Booking plugin <= 2.7.5 - Cross Site Request Forgery (CSRF) vulnerability AwesomeTOGIAwesome Event Booking Medium 4.3 2025-03-27 14:22:25 Deep Dive
CVE-2025-30832 WordPress Themify Event Post Plugin <= 1.3.2 - Cross Site Scripting (XSS) vulnerability themifymeThemify Event Post Medium 6.5 2025-03-27 10:55:21 Deep Dive
CVE-2025-30831 WordPress Themify Event Post Plugin <= 1.3.2 - Local File Inclusion vulnerability themifymeThemify Event Post High 7.5 2025-03-27 10:55:20 Deep Dive
CVE-2025-26923 WordPress Event post plugin <= 5.9.8 - Cross Site Scripting (XSS) vulnerability Bastien HoEvent post Medium 6.5 2025-03-26 14:44:32 Deep Dive
CVE-2025-28899 WordPress WP Event Ticketing plugin <= 1.3.4 - Reflected Cross Site Scripting (XSS) vulnerability toddhuishWP Event Ticketing High 7.1 2025-03-26 14:24:24 Deep Dive
CVE-2025-2167 Event post <= 5.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting basthoEvent post Medium 5.4 2025-03-26 08:21:51 Deep Dive
CVE-2025-1770 Event Manager, Events Calendar, Tickets, Registrations – Eventin <= 4.0.24 - Authenticated (Contributor+) Local File Inclusion arrayticsEventin – Event Calendar, Event Registration, Tickets & Booking (AI Powered) High 8.8 2025-03-20 05:22:35 Deep Dive
CVE-2025-1766 Event Manager, Events Calendar, Tickets, Registrations – Eventin <= 4.0.24 - Missing Authorization to Unauthenticated Payment Status Update arrayticsEventin – Event Calendar, Event Registration, Tickets & Booking (AI Powered) Medium 5.3 2025-03-20 05:22:35 Deep Dive
CVE-2025-0959 Eventer - WordPress Event & Booking Manager Plugin <= 3.9.9.2 - Authenticated (Subscriber+) SQL Injection via reg_id imithemesEventer - WordPress Event & Booking Manager Plugin High 8.8 2025-03-07 08:21:27 Deep Dive
CVE-2025-1402 Event Tickets and Registration <= 5.19.1.1 - Missing Authorization to Ticket Deletion stellarwpEvent Tickets and Registration Medium 5.3 2025-02-21 11:09:35 Deep Dive
CVE-2025-24700 WordPress WP Event Aggregator Plugin <= 1.8.2 - Reflected Cross Site Scripting (XSS) vulnerability Xylus ThemesWP Event Aggregator High 7.1 2025-02-14 12:44:36 Deep Dive
CVE-2025-25110 WordPress Event Kikfyre plugin <= 2.1.8 - Broken Access Control vulnerability MetagaussEvent Kikfyre Medium 5.4 2025-02-07 10:11:38 Deep Dive
CVE-2024-11132 Eventer <= 3.9.9.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode imithemesEventer - WordPress Event & Booking Manager Plugin Medium 6.4 2025-02-03 19:22:49 Deep Dive