📦 Eventer

This SQL injection vulnerability in the Eventer WordPress plugin allows authenticated attackers with Subscriber-level access or higher to inject malicious SQL queries via the reg_id parameter. This ca...

The Eventer WordPress plugin contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries through the 'event' parameter. This can lead to extraction o...

CVE-2025-39482 is a missing authorization vulnerability in the Eventer WordPress plugin that allows attackers to bypass intended access controls. This affects WordPress sites using Eventer versions be...

The Eventer WordPress plugin up to version 3.9.9 has a stored XSS vulnerability in shortcode attributes. Authenticated attackers with contributor-level permissions or higher can inject malicious scrip...

The Eventer WordPress plugin has an authorization vulnerability that allows authenticated users with subscriber-level permissions or higher to download booking data containing customers' personal info...