📦 Eventprime

This CVE describes a Missing Authorization vulnerability in the EventPrime WordPress plugin that allows attackers to manipulate booking prices without proper authentication. It affects all EventPrime ...

Unauthenticated reflected cross-site scripting (XSS) vulnerability in EventPrime WordPress plugin allows attackers to inject malicious scripts via crafted URLs. This affects WordPress sites running Ev...

This vulnerability allows unauthenticated attackers to inject malicious scripts into EventPrime WordPress plugin pages through reflected cross-site scripting (XSS). When users visit specially crafted ...

The EventPrime WordPress plugin before version 3.5.0 has an authorization bypass vulnerability that allows authenticated users to modify or cancel bookings belonging to other users. This affects all W...

This vulnerability allows unauthenticated attackers to inject malicious scripts into WordPress websites using the EventPrime plugin. When front-end users can submit events with tickets, attackers can ...

The EventPrime WordPress plugin has an authorization bypass vulnerability that allows unauthenticated attackers to view private or password-protected events. This affects all WordPress sites using Eve...