Eventespresso Event Espresso — known CVE vulnerabilities
Every CVE whose affected-product data names Eventespresso Event Espresso, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2017-1002026 — CVSS 8.8 (high): Vulnerability in wordpress plugin Event Expresso Free v3.1.37.11.L, The function edit_event_category does not sanitize user-supplied input…
CVE-2020-26153 — CVSS 6.1 (medium): A cross-site scripting (XSS) vulnerability in wp-content/plugins/event-espresso-core-reg/admin_pages/messages/templates/ee_msg_admin_overvie…
CVE-2024-6883 — CVSS 4.3 (medium): The Event Espresso 4 Decaf – Event Registration Event Ticketing plugin for WordPress is vulnerable to limited unauthorized plugin…