Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

Arraytics — Vulnerabilities & Security Advisories 38

Browse all 38 CVE security advisories affecting Arraytics. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products Arraytics:Eventin – Event Calendar, Event Registration, Tickets & Booking (AI Powered)EventinTimeticsTimetics – Appointment Booking & SchedulingWPCafeWPCafe – Restaurant Menu, Online Food Ordering & Table Booking SystemBooktics – Booking Calendar for Appointments and Service BusinessesBooktics
CVE IDTitleCVSSSeverityPaused
CVE-2026-4109 Eventin – Events Calendar, Event Booking, Ticket & Registration (AI Powered) <= 4.1.8 Missing Authorization to Authenticated (Subscriber+) Order Information Exposure — Eventin – Event Calendar, Event Registration, Tickets & Booking (AI Powered)CWE-862 4.3 Medium2026-04-14
CVE-2026-39585 WordPress Booktics plugin <= 1.0.16 - Broken Access Control vulnerability — BookticsCWE-862 9.1AICriticalAI2026-04-08
CVE-2026-27071 WordPress WPCafe plugin <= 3.0.7 - Broken Access Control vulnerability — WPCafeCWE-862 9.1 -2026-03-25
CVE-2026-1919 Booktics <= 1.0.16 - Missing Authorization to Get Items via REST API endpoints — Booktics – Booking Calendar for Appointments and Service BusinessesCWE-306 5.3 Medium2026-03-10
CVE-2026-1920 Booktics <= 1.0.16 - Missing Authorization to Addon Plugin Installation — Booktics – Booking Calendar for Appointments and Service BusinessesCWE-306 5.3 Medium2026-03-10
CVE-2025-68047 WordPress Eventin plugin <= 4.1.3 - PHP Object Injection vulnerability — EventinCWE-502 9.8AICriticalAI2026-01-22
CVE-2025-14657 Eventin – Event Manager, Event Booking, Calendar, Tickets and Registration Plugin (AI Powered) <= 4.0.51 - Missing Authorization to Unauthenticated Stored Cross-Site Scripting via 'post_settings' — Eventin – Event Calendar, Event Registration, Tickets & Booking (AI Powered)CWE-862 7.2 High2026-01-09
CVE-2025-67915 WordPress Timetics plugin <= 1.0.46 - Broken Authentication vulnerability — TimeticsCWE-288 8.8 High2026-01-08
CVE-2025-5919 Appointment Booking and Scheduling Calendar Plugin – WP Timetics <= 1.0.36 - Missing Authorization to Unauthenticated Booking Details View And Modification — Timetics – Appointment Booking & SchedulingCWE-862 6.5 Medium2026-01-06
CVE-2025-64268 WordPress Timetics plugin <= 1.0.44 - Broken Access Control vulnerability — TimeticsCWE-862 8.1AIHighAI2025-12-18
CVE-2025-7813 Event Manager, Events Calendar, Booking, Registrations and Tickets – Eventin <= 4.0.37 - Unauthenticated Server-Side Request Forgery — Eventin – Event Calendar, Event Registration, Tickets & Booking (AI Powered)CWE-918 7.2 High2025-08-23
CVE-2025-49869 WordPress Eventin Plugin <= 4.0.31 - PHP Object Injection Vulnerability — EventinCWE-502 8.8 High2025-08-14
CVE-2025-4796 Eventin <= 4.0.34 - Authenticated (Contributor+) Privilege Escalation via User Email Change/Account Takeover — Eventin – Event Calendar, Event Registration, Tickets & Booking (AI Powered)CWE-639 8.8 High2025-08-08
CVE-2025-49321 WordPress Eventin plugin <= 4.0.28 - Cross Site Scripting (XSS) Vulnerability — EventinCWE-79 7.1 High2025-06-27
CVE-2025-47539 WordPress Eventin plugin <= 4.0.26 - Privilege Escalation Vulnerability — EventinCWE-266 9.8 Critical2025-05-23
CVE-2025-47445 WordPress Eventin plugin <= 4.0.26 - Arbitrary File Download Vulnerability — EventinCWE-23 7.5 High2025-05-14
CVE-2025-3419 Event Manager, Events Calendar, Tickets, Registrations – Eventin <= 4.0.26 - Unauthenticated Arbitrary File Read — Eventin – Event Calendar, Event Registration, Tickets & Booking (AI Powered)CWE-73 7.5 High2025-05-08
CVE-2025-39452 WordPress WPCafe plugin <= 2.2.32 - Local File Inclusion vulnerability — WPCafeCWE-98 7.5 High2025-04-17
CVE-2025-39584 WordPress Eventin plugin <= 4.0.25 - Local File Inclusion Vulnerability — EventinCWE-98 7.5 High2025-04-16
CVE-2025-30829 WordPress WPCafe plugin <= 2.2.31 - Local File Inclusion vulnerability — WPCafeCWE-98 7.5 High2025-03-27
CVE-2025-30828 WordPress Timetics plugin <= 1.0.29 - Broken Access Control vulnerability — TimeticsCWE-862 5.3 Medium2025-03-27
CVE-2025-1770 Event Manager, Events Calendar, Tickets, Registrations – Eventin <= 4.0.24 - Authenticated (Contributor+) Local File Inclusion — Eventin – Event Calendar, Event Registration, Tickets & Booking (AI Powered)CWE-22 8.8 High2025-03-20
CVE-2025-1766 Event Manager, Events Calendar, Tickets, Registrations – Eventin <= 4.0.24 - Missing Authorization to Unauthenticated Payment Status Update — Eventin – Event Calendar, Event Registration, Tickets & Booking (AI Powered)CWE-862 5.3 Medium2025-03-20
CVE-2025-26964 WordPress Eventin plugin <= 4.0.20 - Local File Inclusion vulnerability — EventinCWE-98 7.5 High2025-02-25
CVE-2024-56213 WordPress Eventin plugin <= 4.0.7 - Contributor+ Limited Local File Inclusion vulnerability — EventinCWE-35 6.5 Medium2024-12-31
CVE-2024-11275 WP Timetics- AI-powered Appointment Booking Calendar and Online Scheduling Plugin <= 1.0.27 - Missing Authorization to Authenticated (Subscriber+) Arbitrary User Deletion — Timetics – Appointment Booking & SchedulingCWE-639 4.3 Medium2024-12-13
CVE-2023-47805 WordPress WPCafe plugin <= 2.2.22 - Broken Access Control vulnerability — WPCafeCWE-862 8.1 -2024-12-09
CVE-2023-49756 WordPress Eventin plugin <= 3.3.52 - Authenticated Notice Dismissal Vulnerability — EventinCWE-862 7.1 -2024-12-09
CVE-2024-37427 WordPress Timetics plugin <= 1.0.21 - Broken Access Control vulnerability — TimeticsCWE-862 5.3 Medium2024-11-01
CVE-2024-43923 WordPress Timetics plugin <= 1.0.23 - Broken Access Control vulnerability — TimeticsCWE-862 5.3 Medium2024-11-01

This page lists every published CVE security advisory associated with Arraytics. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.