Exposición de The Events Calendar
WordPress plugins44
score de exposición
85.269
sitios usan
0
en explotación
3
críticos
CVEs
26 resultadosCVE-2024-8275CRITICALThe Events Calendar <= 6.6.4 - Unauthenticated SQL InjectionEPSS 49.7%CVE-2024-6931HIGHThe Events Calendar <= 6.6.3 - Unauthenticated Stored Cross-Site ScriptingEPSS 16.8%CVE-2025-12197HIGHThe Events Calendar 6.15.1.1 - 6.15.9 - Unauthenticated SQL Injection via sEPSS 14.9%CVE-2024-4180CRITICALThe Events Calendar < 6.4.0.1 - Reflected XSSEPSS 1.8%CVE-2024-5333MEDIUMThe Events Calendar < 6.8.2.1 - Unauthenticated Password Protected Event DisclosureEPSS 1.1%CVE-2023-6203—The Events Calendar < 6.2.8.1 - Unauthenticated Arbitrary Password Protected Post ReadEPSS 0.8%CVE-2025-9808MEDIUMThe Events Calendar <= 6.15.2 - Missing Authorization to Unauthenticated Password-Protected Information DisclosureEPSS 0.8%CVE-2023-6557MEDIUMThe Events Calendar <= 6.2.8.2 - Unauthenticated Sensitive Information ExposureEPSS 0.6%CVE-2023-35777MEDIUMWordPress The Events Calendar plugin <= 6.1.2.2 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-1295MEDIUMThe Events Calendar (Free < 6.4.0.1, Pro < 6.4.0.1) - Contributor+ Arbitrary Events AccessEPSS 0.5%CVE-2022-4974MEDIUMFreemius SDK <= 2.4.2 - Missing Authorization ChecksEPSS 0.4%CVE-2026-3585HIGHThe Events Calendar <= 6.15.17 - Authenticated (Author+) Arbitrary File Read via ajax_create_importEPSS 0.4%CVE-2025-48246MEDIUMWordPress The Events Calendar plugin <= 6.11.2.1 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-9807HIGHThe Events Calendar <= 6.15.1 - Unauthenticated SQL InjectionEPSS 0.3%CVE-2024-8493MEDIUMThe Events Calendar < 6.6.4 - Admin+ Stored XSSEPSS 0.3%CVE-2024-12118MEDIUMThe Events Calendar <= 6.9.0 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2026-49772CRITICALWordPress The Events Calendar plugin 6.15.12-6.16.2 - SQL Injection vulnerabilityEPSS 0.2%CVE-2026-2694MEDIUMThe Events Calendar <= 6.15.16 - Improper Authorization to Authenticated (Contributor+) Event/Organizer/Venue Update/Trash via REST APIEPSS 0.2%CVE-2025-12192MEDIUMThe Events Calendar <= 6.15.9 - Sysinfo Key Incorrect Comparison to Unauthenticated Sensitive Information ExposureEPSS 0.2%CVE-2025-5144MEDIUMThe Events Calendar <= 6.13.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site ScriptingEPSS 0.2%
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →