Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Eventin – Event Calendar, Event Registration, Tickets & Booking (AI Powered) — Vulnerabilities & Security Advisories 10

All 10 CVE vulnerabilities found in Eventin – Event Calendar, Event Registration, Tickets & Booking (AI Powered), with AI-generated Chinese analysis, references, and POCs.

Vendor: arraytics

CVE IDTitleCVSSSeverityPublished
CVE-2026-4109 Eventin – Events Calendar, Event Booking, Ticket & Registration (AI Powered) <= 4.1.8 Missing Authorization to Authenticated (Subscriber+) Order Information Exposure CWE-862 4.3 Medium2026-04-14
CVE-2025-14657 Eventin – Event Manager, Event Booking, Calendar, Tickets and Registration Plugin (AI Powered) <= 4.0.51 - Missing Authorization to Unauthenticated Stored Cross-Site Scripting via 'post_settings' CWE-862 7.2 High2026-01-09
CVE-2025-7813 Event Manager, Events Calendar, Booking, Registrations and Tickets – Eventin <= 4.0.37 - Unauthenticated Server-Side Request Forgery CWE-918 7.2 High2025-08-23
CVE-2025-4796 Eventin <= 4.0.34 - Authenticated (Contributor+) Privilege Escalation via User Email Change/Account Takeover CWE-639 8.8 High2025-08-08
CVE-2025-3419 Event Manager, Events Calendar, Tickets, Registrations – Eventin <= 4.0.26 - Unauthenticated Arbitrary File Read CWE-73 7.5 High2025-05-08
CVE-2025-1766 Event Manager, Events Calendar, Tickets, Registrations – Eventin <= 4.0.24 - Missing Authorization to Unauthenticated Payment Status Update CWE-862 5.3 Medium2025-03-20
CVE-2025-1770 Event Manager, Events Calendar, Tickets, Registrations – Eventin <= 4.0.24 - Authenticated (Contributor+) Local File Inclusion CWE-22 8.8 High2025-03-20
CVE-2024-7149 Event Manager, Events Calendar, Tickets, Registrations – Eventin <= 4.0.8 - Authenticated (Contributor+) Local File Inclusion CWE-22 8.8 High2024-09-27
CVE-2024-6033 Event Manager, Events Calendar, Tickets, Registrations – Eventin <= 4.0.4 - Missing Authorization to Authenticated (Contributor+) Event Data Import CWE-862 4.3 Medium2024-07-17
CVE-2024-1122 Event Manager, Events Calendar, Events Tickets for WooCommerce – Eventin <= 3.3.50 - Missing Authorization to Unauthenticated Events Export CWE-862 5.3 Medium2024-02-09

All 10 known CVE vulnerabilities affecting Eventin – Event Calendar, Event Registration, Tickets & Booking (AI Powered) with full Chinese analysis, references, and POCs where available.