Imithemes Eventer - Wordpress Event & Booking Manager Plugin
6 CVEs affecting Imithemes Eventer - Wordpress Event & Booking Manager Plugin. Latest disclosed: 2025-03-07. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-0959 | High | 8.8 | 2025-03-07 | The Eventer - WordPress Event & Booking Manager Plugin plugin for WordPress is vulnerable to SQL Injection via the reg_id parameter in all versions up to, and… |
CVE-2024-11135 | High | 7.5 | 2025-01-28 | The Eventer plugin for WordPress is vulnerable to SQL Injection via the 'event' parameter in the 'eventer_get_attendees' function in all versions up to, and in… |
CVE-2024-10799 | Medium | 6.5 | 2025-01-17 | The Eventer plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.9.7 via the eventer_woo_download_tickets() functi… |
CVE-2024-11132 | Medium | 6.4 | 2025-02-03 | The Eventer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 3.9.9.4 due to insufficient inpu… |
CVE-2024-11133 | Medium | 5.3 | 2025-02-03 | The Eventer plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'handle_pdf_download_request' function i… |
CVE-2024-11134 | Medium | 4.3 | 2025-02-03 | The Eventer plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'eventer_export_bookings_csv' function i… |