Every CVE whose affected-product data names Myeventon Eventon, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (18)
CVE-2023-6158 — CVSS 6.5 (medium): The EventON - WordPress Virtual Event Calendar Plugin plugin for WordPress is vulnerable to unauthorized modification of data and loss of…
CVE-2023-6244 — CVSS 6.5 (medium): The EventON - WordPress Virtual Event Calendar Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up…
CVE-2023-6242 — CVSS 6.5 (medium): The EventON - WordPress Virtual Event Calendar Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up…
CVE-2025-3527 — CVSS 6.4 (medium): The EventON Pro plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check in the…
CVE-2023-7200 — CVSS 6.1 (medium): The EventON WordPress plugin before 4.4.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a…
CVE-2024-0233 — CVSS 6.1 (medium): The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not properly sanitise and escape a parameter before…
CVE-2024-0238 — CVSS 6.1 (medium): The EventON Premium WordPress plugin before 4.5.6, EventON WordPress plugin before 2.2.8 do not have authorisation in an AJAX action, and…
CVE-2024-4752 — CVSS 5.9 (medium): The EventON WordPress plugin before 2.2.15 does not sanitise and escape some of its settings, which could allow high privilege users such…
CVE-2023-3219 — CVSS 5.3 (medium): The EventON WordPress plugin before 2.1.2 does not validate that the event_id parameter in its eventon_ics_download ajax action is a valid…
CVE-2024-0235 — CVSS 5.3 (medium): The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, allowing…
CVE-2024-0236 — CVSS 5.3 (medium): The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, allowing…
CVE-2024-0237 — CVSS 5.3 (medium): The EventON WordPress plugin through 4.5.8, EventON WordPress plugin before 2.2.7 do not have authorisation in some AJAX actions, allowing…
CVE-2023-2796 — CVSS 5.3 (medium): The EventON WordPress plugin before 2.1.2 lacks authentication and authorization in its eventon_ics_download ajax action, allowing…
CVE-2024-6910 — CVSS 4.8 (medium): The EventON WordPress plugin before 2.2.17 does not sanitise and escape some of its settings, which could allow high privilege users such…
CVE-2023-4388 — CVSS 4.8 (medium): The EventON WordPress plugin before 2.2 does not sanitise and escape some of its settings, which could allow high privilege users such as…
CVE-2023-6046 — CVSS 4.8 (medium): The EventON WordPress plugin before 2.2 does not sanitise and escape some of its settings, which could allow high privilege users such as…
CVE-2023-6005 — CVSS 4.8 (medium): The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 does not sanitize and escape some of its settings, which…