Skip to main content

Event Espresso

2 CVEs product

Monthly

CVE-2024-6883 MEDIUM This Month

The Event Espresso 4 Decaf - Event Registration Event Ticketing plugin for WordPress is vulnerable to limited unauthorized plugin settings modification due to a missing capability check on the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress Event Espresso
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2017-1002026 HIGH POC This Week

Vulnerability in wordpress plugin Event Expresso Free v3.1.37.11.L, The function edit_event_category does not sanitize user-supplied input via the $id parameter before passing it into an SQL. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress SQLi Event Espresso
NVD
CVSS 3.0
8.8
EPSS
0.9%
EPSS 0% CVSS 4.3
MEDIUM This Month

The Event Espresso 4 Decaf - Event Registration Event Ticketing plugin for WordPress is vulnerable to limited unauthorized plugin settings modification due to a missing capability check on the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress Event Espresso
NVD
EPSS 1% CVSS 8.8
HIGH POC This Week

Vulnerability in wordpress plugin Event Expresso Free v3.1.37.11.L, The function edit_event_category does not sanitize user-supplied input via the $id parameter before passing it into an SQL. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress SQLi Event Espresso
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy