Eventer - WordPress Event & Booking Manager Plugin — Vulnerabilities & Security Advisories 6

All 6 CVE vulnerabilities found in Eventer - WordPress Event & Booking Manager Plugin, with AI-generated Chinese analysis, references, and POCs.

Vendor: imithemes

CVE ID	Title	CVSS	Severity	Published
CVE-2025-0959	Eventer - WordPress Event & Booking Manager Plugin <= 3.9.9.2 - Authenticated (Subscriber+) SQL Injection via reg_id CWE-564	8.8	High	2025-03-07
CVE-2024-11134	Eventer <= 3.9.9 - Missing Authorization to Authenticated (Subscriber+) Bookings Export CWE-862	4.3	Medium	2025-02-03
CVE-2024-11132	Eventer <= 3.9.9.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CWE-79	6.4	Medium	2025-02-03
CVE-2024-11133	Eventer <= 3.9.9.5 - Missing Authorization to Unauthenticated Event Ticket Download CWE-862	5.3	Medium	2025-02-03
CVE-2024-11135	Eventer <= 3.9.8 - Unauthenticated SQL Injection via eventer_get_attendees CWE-89	7.5	High	2025-01-28
CVE-2024-10799	Eventer <= 3.9.7 - Authenticated (Subscriber+) Arbitrary File Read CWE-22	6.5	Medium	2025-01-17

All 6 known CVE vulnerabilities affecting Eventer - WordPress Event & Booking Manager Plugin with full Chinese analysis, references, and POCs where available.

Goal Reached Thanks to every supporter — we hit 100%!

Eventer - WordPress Event & Booking Manager Plugin — Vulnerabilities & Security Advisories 6