| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-11134 | Eventer <= 3.9.9 - Missing Authorization to Authenticated (Subscriber+) Bookings Export | imithemes | Eventer - WordPress Event & Booking Manager Plugin | Medium | 4.3 | 2025-02-03 19:22:49 | Deep Dive |
| CVE-2024-11133 | Eventer <= 3.9.9.5 - Missing Authorization to Unauthenticated Event Ticket Download | imithemes | Eventer - WordPress Event & Booking Manager Plugin | Medium | 5.3 | 2025-02-03 19:22:44 | Deep Dive |
| CVE-2025-24560 | WordPress Awesome Event Booking plugin <= 2.7.1 - Reflected Cross Site Scripting (XSS) vulnerability | AwesomeTOGI | Awesome Event Booking | High | 7.1 | 2025-01-31 08:24:40 | Deep Dive |
| CVE-2024-13216 | HT Event – WordPress Event Manager Plugin for Elementor <= 1.4.7 - Authenticated (Contributor+) Sensitive Information Exposure via HT Event: Sponsor | devitemsllc | HT Event – WordPress Event Manager Plugin for Elementor | Medium | 4.3 | 2025-01-31 05:22:33 | Deep Dive |
| CVE-2025-0507 | Ticketmeo – Sell Tickets – Event Ticketing <= 2.3.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | snexed | Ticketmeo – Sell Tickets – Event Ticketing | Medium | 6.4 | 2025-01-31 04:21:47 | Deep Dive |
| CVE-2024-13457 | Event Tickets <= 5.18.1 - Insecure Direct Object Reference to Sensitive Information Exposure | stellarwp | Event Tickets and Registration | Medium | 5.3 | 2025-01-30 06:41:08 | Deep Dive |
| CVE-2024-11135 | Eventer <= 3.9.8 - Unauthenticated SQL Injection via eventer_get_attendees | imithemes | Eventer - WordPress Event & Booking Manager Plugin | High | 7.5 | 2025-01-28 04:21:33 | Deep Dive |
| CVE-2025-24683 | WordPress RSVP and Event Management Plugin <= 2.7.14 - SQL Injection vulnerability | WP Chill | RSVP and Event Management | High | 7.6 | 2025-01-24 17:24:57 | Deep Dive |
| CVE-2025-24585 | WordPress Event post plugin <= 5.9.7 - Stored Cross Site Scripting (XSS) vulnerability | Bastien Ho | Event post | Medium | 6.5 | 2025-01-24 17:24:20 | Deep Dive |
| CVE-2025-22718 | WordPress FAT Event Lite plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability | roninwp | FAT Event Lite | Medium | 6.5 | 2025-01-21 13:57:35 | Deep Dive |
| CVE-2025-0515 | Buzz Club – Night Club, DJ and Music Festival Event WordPress Theme <= 2.0.4 - Missing Authorization to Authenticated (Subscriber+) Limited Arbitrary Option Update | cmsmasters | Buzz Club – Night Club, DJ and Music Festival Event WordPress Theme | Medium | 4.3 | 2025-01-18 07:05:07 | Deep Dive |
| CVE-2024-10799 | Eventer <= 3.9.7 - Authenticated (Subscriber+) Arbitrary File Read | imithemes | Eventer - WordPress Event & Booking Manager Plugin | Medium | 6.5 | 2025-01-17 05:29:28 | Deep Dive |
| CVE-2025-23915 | WordPress FAT Event Lite plugin <= 1.1 - Authenticated Non-Arbitrary Local File Inclusion vulnerability | roninwp | FAT Event Lite | High | 7.5 | 2025-01-16 20:07:53 | Deep Dive |
| CVE-2025-23699 | WordPress Event Countdown Timer Plugin by TechMix plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability | techmix | Event Countdown Timer Plugin by TechMix | High | 7.1 | 2025-01-16 20:06:43 | Deep Dive |
| CVE-2024-11870 | Event Registration Calendar By vcita <= 1.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | vcita | Event Registration Calendar By vcita | Medium | 6.4 | 2025-01-15 07:10:47 | Deep Dive |
| CVE-2024-11396 | Event monster <= 1.4.3 - Information Exposure Via Visitors List Export | awordpresslife | Event Monster – Manager & Ticket Booking | Medium | 5.3 | 2025-01-13 23:21:40 | Deep Dive |
| CVE-2025-22508 | WordPress FAT Event Lite plugin <= 1.1 - Unauthenticated Non-Arbitrary Local File Inclusion vulnerability | roninwp | FAT Event Lite | High | 8.1 | 2025-01-09 15:39:28 | Deep Dive |
| CVE-2024-12711 | RSVP and Event Management <= 2.7.13 - Missing Authorization | wpchill | RSVP and Event Management | Medium | 5.3 | 2025-01-07 11:11:12 | Deep Dive |
| CVE-2024-56251 | WordPress Event Espresso plugin <= 5.0.28.decaf - Cross Site Request Forgery (CSRF) vulnerability | Event Espresso | Event Espresso 4 Decaf | Medium | 4.3 | 2025-01-02 12:01:24 | Deep Dive |
| CVE-2024-38762 | WordPress Event Tickets and Registration plugin <= 5.11.0.4 - Cross Site Request Forgery (CSRF) vulnerability | StellarWP | Event Tickets | Medium | 4.3 | 2025-01-02 12:01:06 | Deep Dive |