Documentation: Home / Vulnerabilities / Access violation vulnerability in Eventin – Event Manager, Events Calendar, Event Tickets and Registrations 4.0.24

Latest

Access violation vulnerability in Eventin – Event Manager, Events Calendar, Event Tickets and Registrations 4.0.24

CVE-2025-1766

Severity: medium-risk
Status: Fixed
Publication: March 19, 2025

The Eventin plugin for WordPress, which includes features such as an Event Manager, Events Calendar, Tickets, and Registrations, has a security vulnerability. This means that unauthorized individuals can change important data without proper permission. This vulnerability affects all versions of the plugin up to version 4.0.24. Attackers who are not logged in can exploit this vulnerability to mark ticket payments as ‘completed’, potentially causing financial harm.

Detected in:

Event Manager, Events Calendar, Attendee Registrations & Sell Tickets – Eventin fixed vulnerable versions:

Event Manager, Events Calendar, Booking, Registrations and Tickets – Eventin fixed vulnerable versions:

Event Manager, Events Calendar, Tickets, Registrations – Eventin fixed vulnerable versions:

Eventin – Event Manager, Events Calendar, Booking, Tickets and Registration fixed vulnerable versions:

Eventin – Event Manager, Events Calendar, Event Tickets and Registrations fixed vulnerable versions:

Events Calendar, Event Booking, Registrations and Event Tickets – Eventin fixed vulnerable versions:

Events Calendar, RSVP, Booking System & Event Tickets – Eventin fixed vulnerable versions:

Open source

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

Incorrect?

Is this information incorrect? Please leave us a message.

Latest

Configuring Really Simple Security with WP-CLI

How to Fix The “Link you followed has Expired” error on WordPress

404 not found errors

Protecting site visitors with Security Headers

Hardening your website’s security

Access violation vulnerability in Eventin – Event Manager, Events Calendar, Event Tickets and Registrations 4.0.24

Detected in:

Join our mailing list - 6 Tips & Tricks in your inbox over the next days!

Plugins

Get Started

About

Popular articles

Latest

Passkeys: no need for Limit Login Attempts?

Configuring Really Simple Security with WP-CLI

How to Fix The “Link you followed has Expired” error on WordPress

404 not found errors

Protecting site visitors with Security Headers

Hardening your website’s security

Access violation vulnerability in Eventin – Event Manager, Events Calendar, Event Tickets and Registrations 4.0.24

Detected in: