CVE-2023-49756
- EPSS 0.27%
- Veröffentlicht 09.12.2024 13:15:35
- Zuletzt bearbeitet 11.08.2025 17:27:36
Missing Authorization vulnerability in Themewinter Eventin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eventin: from n/a through 3.3.52.
CVE-2024-7149
- EPSS 0.71%
- Veröffentlicht 27.09.2024 14:15:05
- Zuletzt bearbeitet 04.10.2024 18:23:09
The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.0.8 via multiple style parameters. This makes it possible for authenticated attack...
CVE-2024-39648
- EPSS 0.21%
- Veröffentlicht 01.08.2024 22:15:26
- Zuletzt bearbeitet 11.08.2025 17:45:32
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themewinter Eventin allows Stored XSS.This issue affects Eventin: from n/a through 4.0.5.
CVE-2024-37507
- EPSS 0.14%
- Veröffentlicht 21.07.2024 08:15:03
- Zuletzt bearbeitet 11.08.2025 17:46:11
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themewinter Eventin allows Stored XSS.This issue affects Eventin: from n/a through 3.3.57.
CVE-2024-6033
- EPSS 0.11%
- Veröffentlicht 17.07.2024 07:15:03
- Zuletzt bearbeitet 21.11.2024 09:48:47
The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to unauthorized data importation due to a missing capability check on the 'import_file' function in all versions up to, and including, 4.0.4. This...
CVE-2024-1122
- EPSS 0.33%
- Veröffentlicht 09.02.2024 05:15:08
- Zuletzt bearbeitet 21.11.2024 08:49:50
The Event Manager, Events Calendar, Events Tickets for WooCommerce – Eventin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_data() function in all versions up to, and including, 3.3.5...