Calgary, Alberta, Canada
sales@hackhalt.com
Free Download Free Download Free Download
Explore Pricing Explore Pricing Explore Pricing

Blog

"Prevention is cheaper than a breach"

Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total4
Critical0
High2
Medium2
Reset
Showing 1-4 of 4 records
Threat Entry Updated 2025-07-15

CVE-2025-5568 - Event Manager And Tickets Selling For Woocommerce Plugin

The WpEvently plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters in all versions up to, and including, 4.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN Event Manager And Tickets Selling For Woocommerce

CVE-2025-5568

MEDIUM CVSS 6.4 2025-06-07
Open Full Technical Breakdown
Threat Entry Updated 2024-11-21

CVE-2024-24796 - Event Manager And Tickets Selling For Woocommerce Plugin

Deserialization of Untrusted Data vulnerability in MagePeople Team Event Manager and Tickets Selling Plugin for WooCommerce – WpEvently – WordPress Plugin.This issue affects Event Manager and Tickets Selling Plugin for WooCommerce – WpEvently – WordPress Plugin: from n/a through 4.1.1.

PLUGIN Event Manager And Tickets Selling For Woocommerce

CVE-2024-24796

HIGH CVSS 8.2 2024-02-12
Open Full Technical Breakdown
Threat Entry Updated 2025-03-26

CVE-2023-0144 - Event Manager And Tickets Selling For Woocommerce Plugin

The Event Manager and Tickets Selling Plugin for WooCommerce WordPress plugin before 3.8.0 does not validate and escape some of its post meta before outputting them back in a page/post, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

PLUGIN Event Manager And Tickets Selling For Woocommerce

CVE-2023-0144

MEDIUM CVSS 5.4 2023-02-06
Open Full Technical Breakdown
Threat Entry Updated 2024-11-21

CVE-2022-0478 - Event Manager And Tickets Selling For Woocommerce Plugin

The Event Manager and Tickets Selling for WooCommerce WordPress plugin before 3.5.8 does not validate and escape the post_author_gutenberg parameter before using it in a SQL statement when creating/editing events, which could allow users with a role as low as contributor to perform SQL Injection attacks

PLUGIN Event Manager And Tickets Selling For Woocommerce

CVE-2022-0478

HIGH CVSS 8.8 2022-03-14
Open Full Technical Breakdown
Scroll to top