All 3 CVE vulnerabilities found in Event Espresso 4 Decaf, with AI-generated Chinese analysis, references, and POCs.
Vendor: Event Espresso
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-68007 | WordPress Event Espresso 4 Decaf plugin <= 5.0.37.decaf - Settings Change vulnerability CWE-862 | 6.5 | Medium | 2026-01-22 |
| CVE-2024-56251 | WordPress Event Espresso plugin <= 5.0.28.decaf - Cross Site Request Forgery (CSRF) vulnerability CWE-352 | 4.3 | Medium | 2025-01-02 |
| CVE-2023-27437 | WordPress Event Espresso 4 Decaf plugin <= 4.10.44.decaf - Bypass vulnerability CWE-862 | 3.7 | Low | 2024-06-03 |
All 3 known CVE vulnerabilities affecting Event Espresso 4 Decaf with full Chinese analysis, references, and POCs where available.