E-dynamics Events Made Easy — known CVE vulnerabilities
Every CVE whose affected-product data names E-dynamics Events Made Easy, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2022-1905 — CVSS 9.8 (critical): The Events Made Easy WordPress plugin before 2.2.81 does not properly sanitise and escape a parameter before using it in a SQL statement…
CVE-2021-25030 — CVSS 8.8 (high): The Events Made Easy WordPress plugin before 2.2.36 does not sanitise and escape the search_text parameter before using it in a SQL…
CVE-2023-28660 — CVSS 8.8 (high): The Events Made Easy WordPress Plugin, version <= 2.3.14 is affected by an authenticated SQL injection vulnerability in the 'search_name'…
CVE-2023-0404 — CVSS 5.4 (medium): The Events Made Easy plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several functions…
CVE-2021-24813 — CVSS 4.8 (medium): The Events Made Easy WordPress plugin before 2.2.24 does not sanitise and escape Custom Field Names, allowing high privilege users to…