Mage-people Event_manager_and_tickets_selling_for_woocommerce
7 CVEs affecting Mage-people Event_manager_and_tickets_selling_for_woocommerce. Latest disclosed: 2025-06-07. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-0478 | High | 8.8 | 2022-03-14 | The Event Manager and Tickets Selling for WooCommerce WordPress plugin before 3.5.8 does not validate and escape the post_author_gutenberg parameter before usi… |
CVE-2024-24796 | High | 8.2 | 2024-02-12 | Deserialization of Untrusted Data vulnerability in MagePeople Team Event Manager and Tickets Selling Plugin for WooCommerce – WpEvently – WordPress Plugin.This… |
CVE-2024-43138 | Medium | 6.5 | 2024-08-13 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in MagePeople Team Event Manager for WooCommerce allows PHP Local… |
CVE-2025-5568 | Medium | 6.4 | 2025-06-07 | The WpEvently plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters in all versions up to, and including, 4.4.2 due to insu… |
CVE-2023-36383 | Medium | 5.9 | 2023-07-18 | Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in MagePeople Team Event Manager and Tickets Selling Plugin for WooCommerce plugin <= 3.9.5 ver… |
CVE-2023-28422 | Medium | 5.9 | 2023-03-23 | Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability in MagePeople Team Event Manager and Tickets Selling Plugin for WooCommerce <= 3.8.6. versions. |
CVE-2023-0144 | Medium | 5.4 | 2023-02-06 | The Event Manager and Tickets Selling Plugin for WooCommerce WordPress plugin before 3.8.0 does not validate and escape some of its post meta before outputting… |