Every CVE whose affected-product data names Awplife Event Monster, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2024-1895 — CVSS 7.5 (high): The Event Monster – Event Management, Tickets Booking, Upcoming Event plugin for WordPress is vulnerable to PHP Object Injection in all…
CVE-2022-3720 — CVSS 7.2 (high): The Event Monster WordPress plugin before 1.2.0 does not validate and escape some parameters before using them in SQL statements, which…
CVE-2023-47525 — CVSS 5.9 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in A WP Life Event Monster – Event…
CVE-2024-11396 — CVSS 5.3 (medium): The Event Monster – Event Management, Tickets Booking, Upcoming Event plugin for WordPress is vulnerable to Information Exposure in all…
CVE-2024-5059 — CVSS 5.3 (medium): Exposure of Sensitive Information to an Unauthorized Actor vulnerability in A WP Life Event Management Tickets Booking.This issue affects…
CVE-2022-3336 — CVSS 4.3 (medium): The Event Monster WordPress plugin before 1.2.0 does not have CSRF check when deleting visitors, which could allow attackers to make logged…