Exposure of The Events Calendar
WordPress plugins44
exposure score
85,269
sites use
0
exploited
3
critical
CVEs
26 resultsCVE-2024-31433MEDIUMWordPress The Events Calendar plugin <= 6.3.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-12175MEDIUMThe Events Calendar <= 6.15.9 - Missing Authorization to Authenticated (Subscriber+) Draft Event Title/QR Code ExposureEPSS 0.2%CVE-2025-15043MEDIUMThe Events Calendar <= 6.15.13 - Missing Authorization to Authenticated (Subscriber+) Data Migration ControlEPSS 0.2%CVE-2024-37518MEDIUMWordPress The Events Calendar plugin <= 6.5.1.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-69352MEDIUMWordPress The Events Calendar plugin <= 6.15.12.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-24537MEDIUMWordPress The Events Calendar plugin <= 6.7.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →