Approved changes feed: RSS · Atom
cpe:2.3:a:magepeopleteam:wpevently:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Magepeopleteam (0363484c-2251-5ffb-a8d9-1a438f007334) |
|---|---|
| Product | Wpevently (0747dc8e-3fcd-5d00-b98c-56b9ad4d1dc1) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-32354 |
vulnerable | 2026-06-03 15:20:42.850325 |
WordPress WpEvently plugin < 5.1.9 - Sensitive Data Exposure vulnerability
MEDIUM (5.3)
Insertion of Sensitive Information Into Sent Data vulnerability in magepeopleteam WpEvently mage-eventpress allows Retrieve Embedded Sensitive Data.This issue affects WpEvently: from n/a through < 5.1.9.
Published: 2026-03-13T11:41:59.838Z
Updated: 2026-04-29T09:51:57.771Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-25361 |
vulnerable | 2026-06-03 15:16:54.482658 |
WordPress WpEvently plugin <= 5.1.4 - Reflected Cross Site Scripting (XSS) vulnerability
HIGH (7.1)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in magepeopleteam WpEvently mage-eventpress allows Reflected XSS.This issue affects WpEvently: from n/a through <= 5.1.4.
Published: 2026-03-25T16:14:45.515Z
Updated: 2026-04-28T16:14:56.702Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-24954 |
vulnerable | 2026-06-03 15:16:53.668846 |
WordPress WpEvently plugin <= 5.0.8 - Deserialization of untrusted data vulnerability
HIGH (8.8)
Deserialization of Untrusted Data vulnerability in magepeopleteam WpEvently mage-eventpress allows Object Injection.This issue affects WpEvently: from n/a through <= 5.0.8.
Published: 2026-02-03T14:08:34.208Z
Updated: 2026-04-28T16:14:51.930Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-24942 |
vulnerable | 2026-06-03 15:16:53.650630 |
WordPress WpEvently plugin <= 5.1.1 - Cross Site Request Forgery (CSRF) vulnerability
MEDIUM (4.3)
Cross-Site Request Forgery (CSRF) vulnerability in magepeopleteam WpEvently mage-eventpress allows Cross Site Request Forgery.This issue affects WpEvently: from n/a through <= 5.1.1.
Published: 2026-02-03T14:08:33.242Z
Updated: 2026-04-28T16:14:50.970Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-23549 |
vulnerable | 2026-06-03 15:16:49.951170 |
WordPress WpEvently plugin <= 5.1.1 - PHP Object Injection vulnerability
CRITICAL (9.8)
Deserialization of Untrusted Data vulnerability in magepeopleteam WpEvently mage-eventpress allows Object Injection.This issue affects WpEvently: from n/a through <= 5.1.1.
Published: 2026-02-19T08:26:49.962Z
Updated: 2026-04-28T16:14:46.842Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-66083 |
vulnerable | 2026-06-03 15:09:40.866825 |
WordPress WpEvently plugin <= 5.0.4 - Broken Access Control vulnerability
MEDIUM (5.3)
Missing Authorization vulnerability in magepeopleteam WpEvently mage-eventpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpEvently: from n/a through <= 5.0.4.
Published: 2025-11-21T12:29:57.750Z
Updated: 2026-04-28T16:14:16.564Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-66082 |
vulnerable | 2026-06-03 15:09:40.866391 |
WordPress WpEvently plugin <= 5.0.4 - Broken Access Control vulnerability
MEDIUM (5.3)
Missing Authorization vulnerability in magepeopleteam WpEvently mage-eventpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpEvently: from n/a through <= 5.0.4.
Published: 2025-11-21T12:29:57.578Z
Updated: 2026-04-28T16:14:16.333Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-54742 |
vulnerable | 2026-06-03 15:04:56.646921 |
WordPress WpEvently Plugin <= 4.4.8 - PHP Object Injection Vulnerability
HIGH (8.8)
Deserialization of Untrusted Data vulnerability in magepeopleteam WpEvently mage-eventpress allows Object Injection.This issue affects WpEvently: from n/a through <= 4.4.8.
Published: 2025-08-28T12:37:40.246Z
Updated: 2026-04-28T16:13:36.761Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-54705 |
vulnerable | 2026-06-03 15:04:56.575553 |
WordPress WpEvently plugin <= 4.4.6 - Broken Access Control vulnerability
MEDIUM (4.3)
Missing Authorization vulnerability in magepeopleteam WpEvently mage-eventpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpEvently: from n/a through <= 4.4.6.
Published: 2025-08-14T10:34:58.440Z
Updated: 2026-05-12T00:31:43.074Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-32145 |
vulnerable | 2026-06-03 15:00:40.115793 |
WordPress WpEvently plugin <= 4.3.6 - PHP Object Injection vulnerability
HIGH (8.8)
Deserialization of Untrusted Data vulnerability in magepeopleteam WpEvently mage-eventpress allows Object Injection.This issue affects WpEvently: from n/a through <= 4.3.6.
Published: 2025-04-10T08:09:42.557Z
Updated: 2026-04-28T16:12:17.184Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-30895 |
vulnerable | 2026-06-03 15:00:29.794870 |
WordPress WpEvently Plugin <= 4.2.9 - PHP Object Injection vulnerability
HIGH (7.5)
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in magepeopleteam WpEvently mage-eventpress allows PHP Local File Inclusion.This issue affects WpEvently: from n/a through <= 4.2.9.
Published: 2025-03-27T10:55:46.919Z
Updated: 2026-04-28T16:11:59.892Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-30887 |
vulnerable | 2026-06-03 15:00:29.782195 |
WordPress WpEvently Plugin <= 4.2.9 - Broken Access Control vulnerability
MEDIUM (5.3)
Missing Authorization vulnerability in magepeopleteam WpEvently mage-eventpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpEvently: from n/a through <= 4.2.9.
Published: 2025-03-27T10:55:42.985Z
Updated: 2026-04-28T16:11:59.664Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-49703 |
vulnerable | 2026-06-03 14:57:13.099484 |
WordPress WpEvently plugin <= 4.2.5 - Cross Site Scripting (XSS) vulnerability
MEDIUM (6.5)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in magepeopleteam WpEvently mage-eventpress.This issue affects WpEvently: from n/a through <= 4.2.5.
Published: 2024-10-24T12:11:18.395Z
Updated: 2026-05-11T21:16:55.519Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.