Log out
Get PRO

Latest

Input validation vulnerability in Event Manager and Tickets Selling Plugin for WooCommerce – WpEvently – WordPress Plugin 4.2.9

  • Severity: high-risk
  • Status: Fixed
  • Publication: March 27, 2025

The WpEvently plugin for WordPress has a security issue in versions up to and including 4.2.9. This means that people with contributor-level access or higher can access and run any files on the server, including ones with PHP code. This could lead to unauthorized access, getting private information, or running code when certain types of files are uploaded.

Detected in:

Event Booking & Management Plugin for WooCommerce fixed vulnerable versions:
Event Booking & Management Plugin for WooCommerce – WpEvently fixed vulnerable versions:
Event Booking & Management Plugin for WooCommerce – WpEvently – WordPress Plugin fixed vulnerable versions:
Event Booking Manager for WooCommerce – WpEvently fixed vulnerable versions:
Event Manager and Tickets Selling Plugin for WooCommerce – WpEvently – WordPress Plugin fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.