Avecnous Event_post
4 CVEs affecting Avecnous Event_post. Latest disclosed: 2025-04-22. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-46228 | Medium | 6.5 | 2025-04-22 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bastien Ho Event post event-post allows DOM-Based XSS.Thi… |
CVE-2023-49179 | Medium | 6.5 | 2023-12-15 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in N.O.U.S. Open Useful and Simple Event post allows Stored… |
CVE-2024-10186 | Medium | 6.4 | 2024-11-06 | The Event post plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's events_cal shortcode in all versions up to, and including, 5… |
CVE-2024-1376 | Medium | 4.3 | 2024-05-24 | The Event post plugin for WordPress is vulnerable to unauthorized bulk metadata update due to a missing capability check on the save_bulkdatas function in all… |