Imithemes Eventer

10 CVEs affecting Imithemes Eventer. Latest disclosed: 2025-08-14. Critical: 1, High: 3.

Top CVEs affecting Imithemes Eventer
CVESeverityScorePublishedSummary
CVE-2025-39481Critical9.32025-05-16Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in imithemes Eventer eventer allows Blind SQL Injection.This…
CVE-2025-0959High8.82025-03-07The Eventer - WordPress Event & Booking Manager Plugin plugin for WordPress is vulnerable to SQL Injection via the reg_id parameter in all versions up to, and…
CVE-2024-11135High7.52025-01-28The Eventer plugin for WordPress is vulnerable to SQL Injection via the 'event' parameter in the 'eventer_get_attendees' function in all versions up to, and in…
CVE-2025-22635High7.12025-02-23Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in imithemes Eventer eventer allows Reflected XSS.This issue…
CVE-2025-39483Medium6.52025-08-14Improper Control of Generation of Code ('Code Injection') vulnerability in imithemes Eventer eventer allows Code Injection.This issue affects Eventer: from n/a…
CVE-2024-10799Medium6.52025-01-17The Eventer plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.9.7 via the eventer_woo_download_tickets() functi…
CVE-2024-11132Medium6.42025-02-03The Eventer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 3.9.9.4 due to insufficient inpu…
CVE-2024-11133Medium5.32025-02-03The Eventer plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'handle_pdf_download_request' function i…
CVE-2025-39482Medium4.32025-05-16Missing Authorization vulnerability in imithemes Eventer eventer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eve…
CVE-2024-11134Medium4.32025-02-03The Eventer plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'eventer_export_bookings_csv' function i…