Log out
Get PRO

Latest

Input validation vulnerability in Event Manager and Tickets Selling Plugin for WooCommerce – WpEvently – WordPress Plugin 4.2.1

  • Severity: critical
  • Status: Fixed
  • Publication: August 7, 2024

A popular plugin for selling tickets and managing events on WordPress called WpEvently has a security issue. This issue, known as Local File Inclusion, allows attackers with a certain level of access to include and run any file on the server. This can lead to unauthorized access, theft of sensitive information, or even the execution of malicious code. The vulnerability affects all versions of the plugin up to 4.2.1.

Detected in:

Event Booking & Management Plugin for WooCommerce fixed vulnerable versions:
Event Booking & Management Plugin for WooCommerce – WpEvently fixed vulnerable versions:
Event Booking & Management Plugin for WooCommerce – WpEvently – WordPress Plugin fixed vulnerable versions:
Event Booking Manager for WooCommerce – WpEvently fixed vulnerable versions:
Event Manager and Tickets Selling Plugin for WooCommerce – WpEvently – WordPress Plugin fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.