CVE-2025-4796 — CVSS 8.8 (high): The Eventin plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4.0.34…
CVE-2024-7149 — CVSS 8.8 (high): The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to Local File Inclusion in all…
CVE-2025-1770 — CVSS 8.8 (high): The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to Local File Inclusion in all…
CVE-2025-26964 — CVSS 7.5 (high): Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Arraytics Eventin…
CVE-2025-39584 — CVSS 7.5 (high): Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Arraytics Eventin…
CVE-2025-3419 — CVSS 7.5 (high): The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to arbitrary file read in all…
CVE-2025-49321 — CVSS 7.1 (high): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Arraytics Eventin wp-event-solution…
CVE-2024-37507 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themewinter Eventin allows…
CVE-2024-39648 — CVSS 5.9 (medium): Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themewinter Eventin allows…
CVE-2023-49756 — CVSS 5.4 (medium): Missing Authorization vulnerability in Arraytics Eventin wp-event-solution allows Exploiting Incorrectly Configured Access Control Security…
CVE-2025-1766 — CVSS 5.3 (medium): The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to unauthorized modification of…
CVE-2024-1122 — CVSS 5.3 (medium): The Event Manager, Events Calendar, Events Tickets for WooCommerce – Eventin plugin for WordPress is vulnerable to unauthorized access of…
CVE-2024-6033 — CVSS 4.3 (medium): The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to unauthorized data importation…