Themewinter Eventin

16 CVEs affecting Themewinter Eventin. Latest disclosed: 2025-08-08. Critical: 1, High: 8.

Top CVEs affecting Themewinter Eventin
CVESeverityScorePublishedSummary
CVE-2025-47539Critical9.82025-05-23Incorrect Privilege Assignment vulnerability in Arraytics Eventin wp-event-solution allows Privilege Escalation.This issue affects Eventin: from n/a through <=…
CVE-2025-4796High8.82025-08-08The Eventin plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4.0.34. This is due to the pl…
CVE-2025-1770High8.82025-03-20The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and incl…
CVE-2024-7149High8.82024-09-27The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and incl…
CVE-2025-47445High7.52025-05-14Relative Path Traversal vulnerability in Arraytics Eventin wp-event-solution allows Path Traversal.This issue affects Eventin: from n/a through <= 4.0.26.
CVE-2025-3419High7.52025-05-08The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and inclu…
CVE-2025-39584High7.52025-04-16Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Arraytics Eventin wp-event-solution al…
CVE-2025-26964High7.52025-02-25Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Arraytics Eventin wp-event-solution al…
CVE-2025-49321High7.12025-06-27Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Arraytics Eventin wp-event-solution allows Reflected XSS…
CVE-2024-56213Medium6.52024-12-31Path Traversal: '.../...//' vulnerability in Arraytics Eventin wp-event-solution allows Path Traversal.This issue affects Eventin: from n/a through <= 4.0.7.
CVE-2024-37507Medium6.52024-07-21Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themewinter Eventin allows Stored XSS.This issue a…
CVE-2024-39648Medium5.92024-08-01Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themewinter Eventin allows Stored XSS.This issue a…
CVE-2023-49756Medium5.42024-12-09Missing Authorization vulnerability in Arraytics Eventin wp-event-solution allows Exploiting Incorrectly Configured Access Control Security Levels.This issue a…
CVE-2025-1766Medium5.32025-03-20The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing c…
CVE-2024-1122Medium5.32024-02-09The Event Manager, Events Calendar, Events Tickets for WooCommerce – Eventin plugin for WordPress is vulnerable to unauthorized access of data due to a missing…
CVE-2024-6033Medium4.32024-07-17The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to unauthorized data importation due to a missing capab…