Every CVE whose affected-product data names Imithemes Eventer, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2025-39481 — CVSS 9.3 (critical): Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in imithemes Eventer eventer allows…
CVE-2025-0959 — CVSS 8.8 (high): The Eventer - WordPress Event & Booking Manager Plugin plugin for WordPress is vulnerable to SQL Injection via the reg_id parameter in all…
CVE-2024-11135 — CVSS 7.5 (high): The Eventer plugin for WordPress is vulnerable to SQL Injection via the 'event' parameter in the 'eventer_get_attendees' function in all…
CVE-2025-22635 — CVSS 7.1 (high): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in imithemes Eventer eventer allows…
CVE-2024-10799 — CVSS 6.5 (medium): The Eventer plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.9.7 via the…
CVE-2024-11132 — CVSS 6.4 (medium): The Eventer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 3.9.9.4 due…
CVE-2024-11133 — CVSS 5.3 (medium): The Eventer plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the…
CVE-2024-11134 — CVSS 4.3 (medium): The Eventer plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the…
CVE-2025-39482 — CVSS 4.3 (medium): Missing Authorization vulnerability in imithemes Eventer eventer allows Exploiting Incorrectly Configured Access Control Security…