Vulnerabilities in ashanjay

11 results

CVE-2023-4635MEDIUMEventON <= 2.2.2 - Reflected Cross-Site ScriptingEPSS 0.6%CVE-2023-6158MEDIUMEventON - WordPress Virtual Event Calendar Plugin Pro <= 4.5.4 & Free <= 2.2.7 - Missing Authorization to Arbitrary Post Meta Update via evo_eventpost_update_metaEPSS 0.6%CVE-2024-6180HIGHEventON <= 2.2.15 - Missing Authorization to Unauthenticated Stored Cross-Site Scripting and Plugin Settings UpdatesEPSS 0.5%CVE-2025-8091MEDIUMEventON Lite <= 2.4.7 - Authenticated (Contributor+) Information DisclosureEPSS 0.4%CVE-2025-47564MEDIUMWordPress EventON plugin <= 4.9.8 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2023-6242MEDIUMEventON - WordPress Virtual Event Calendar Plugin Pro <= 4.5.4 & Free <= 2.2.7 - Cross-Site Request Forgery via evo_eventpost_update_metaEPSS 0.3%CVE-2023-6244MEDIUMEventON - WordPress Virtual Event Calendar Plugin <= 4.5.4 (Pro) & <= 2.2.8 (Free) - Cross-Site Request Forgery via save_virtual_event_settingsEPSS 0.3%CVE-2026-6690HIGHLifePress <= 2.2.2 - Unauthenticated Stored Cross-Site Scripting via 'n' Parameter via lp_update_mds AJAX ActionEPSS 0.2%CVE-2025-47565MEDIUMWordPress EventON plugin <= 4.9.9 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-63064MEDIUMWordPress EventON plugin <= 4.9.12 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2026-28037HIGHWordPress EventON plugin <= 4.9.12 - Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%