| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-68007 | WordPress Event Espresso 4 Decaf plugin <= 5.0.37.decaf - Settings Change vulnerability | Event Espresso | Event Espresso 4 Decaf | Medium | 6.5 | 2026-01-22 16:52:01 | Deep Dive |
| CVE-2025-32507 | WordPress Event Espresso plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerability | Aakif Kadiwala | Event Espresso – Custom Email Template Shortcode | High | 7.1 | 2025-04-17 15:47:48 | Deep Dive |
| CVE-2024-56251 | WordPress Event Espresso plugin <= 5.0.28.decaf - Cross Site Request Forgery (CSRF) vulnerability | Event Espresso | Event Espresso 4 Decaf | Medium | 4.3 | 2025-01-02 12:01:24 | Deep Dive |
| CVE-2024-6883 | Event Espresso 4 Decaf – Event Registration Event Ticketing <= 4.10.46.decaf- Authenticated (Subscriber+) Missing Authorization to Limited Plugin Settings Modification | eventespresso | Event Espresso – Event Registration & Ticketing Sales | Medium | 4.3 | 2024-08-21 05:30:21 | Deep Dive |
| CVE-2023-27437 | WordPress Event Espresso 4 Decaf plugin <= 4.10.44.decaf - Bypass vulnerability | Event Espresso | Event Espresso 4 Decaf | Low | 3.7 | 2024-06-03 21:59:11 | Deep Dive |
| CVE-2021-4404 | Event Espresso 4 Decaf <= 4.10.11 - Cross-Site Request Forgery Bypass | eventespresso | Event Espresso – Event Registration & Ticketing Sales | Medium | 4.3 | 2023-07-01 05:33:29 | Deep Dive |
| CVE-2017-1002026 | WordPress Event Expresso Free SQL注入漏洞 | Event Espresso | Event Expresso Free | 高危 | - | 2017-09-14 13:00:00 | Deep Dive |