Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

EventON — Vulnerabilities & Security Advisories 20

All 20 CVE vulnerabilities found in EventON, with AI-generated Chinese analysis, references, and POCs.

Vendor: Unknown

CVE IDTitleCVSSSeverityPublished
CVE-2026-28037 WordPress EventON plugin <= 4.9.12 - Reflected Cross Site Scripting (XSS) vulnerability CWE-79 6.1 -2026-03-05
CVE-2025-63064 WordPress EventON plugin <= 4.9.12 - Cross Site Scripting (XSS) vulnerability CWE-79 5.4AIMediumAI2025-12-09
CVE-2025-47565 WordPress EventON plugin <= 4.9.9 - Broken Access Control vulnerability CWE-862 6.3 Medium2025-07-04
CVE-2025-47564 WordPress EventON plugin <= 4.9.8 - Broken Access Control vulnerability CWE-862 5.3 Medium2025-05-16
CVE-2025-48116 WordPress EventON plugin <= 2.4.4 - Broken Access Control Vulnerability CWE-862 5.3 Medium2025-05-16
CVE-2025-47494 WordPress EventON plugin <= 2.4.1 - Local File Inclusion Vulnerability CWE-98 7.5 High2025-05-07
CVE-2025-32614 WordPress EventON plugin <= 2.4 - Local File Inclusion vulnerability CWE-98 8.8 High2025-04-11
CVE-2025-32160 WordPress EventON plugin <= 2.4.1 - Local File Inclusion vulnerability CWE-98 7.5 High2025-04-10
CVE-2024-6910 EventON < 2.2.17 - Admin+ Stored XSS 4.8AIMediumAI2024-09-09
CVE-2024-4752 EventON < 2.2.15 - Admin+ Stored Cross-Site Scripting via event subtitle 4.8AIMediumAI2024-07-13
CVE-2024-33940 WordPress EventON plugin <= 2.2.14 - Cross Site Scripting (XSS) vulnerability CWE-79 5.9 Medium2024-05-03
CVE-2023-7200 EventON < 4.4.1 - Reflected Cross-Site Scripting 6.1 -2024-01-29
CVE-2024-0235 EventON (Free < 2.2.8, Premium < 4.5.5) - Unauthenticated Email Address Disclosure 5.3 -2024-01-16
CVE-2024-0233 EventON (Free < 2.2.8, Premium < 4.5.5) - Reflected XSS 6.1 -2024-01-16
CVE-2023-6005 EventON (Free < 2.2.7, Premium < 4.5.5) - Admin+ Stored Cross-Site Scripting 4.8 -2024-01-16
CVE-2024-0236 EventON (Free < 2.2.8, Premium < 4.5.5) - Unauthenticated Virtual Event Password Disclosure 5.3 -2024-01-16
CVE-2023-6046 EventON < 2.2 - Admin+ Stored HTML Injection 4.8 -2024-01-16
CVE-2023-4388 EventON < 2.2 - Admin+ Stored XSS 4.8 -2023-10-16
CVE-2023-3219 EventON < 2.1.2 - Unauthenticated Post Access via IDOR 7.5 -2023-07-10
CVE-2023-2796 EventON < 2.1.2 - Unauthenticated Event Access 5.3 -2023-07-10

All 20 known CVE vulnerabilities affecting EventON with full Chinese analysis, references, and POCs where available.