Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tri the events calendar vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2023-6557
The The Events Calendar plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.2.8.2 via the route function hooked into wp_ajax_nopriv_tribe_dropdown. This makes it possible for unauthenticated malicious users to extract poten...
Tri The Events Calendar
7.5
CVSSv3
CVE-2023-6203
The Events Calendar WordPress plugin prior to 6.2.8.1 discloses the content of password protected posts to unauthenticated users via a crafted request
Tri The Events Calendar
6.1
CVSSv3
CVE-2019-15109
The the-events-calendar plugin prior to 4.8.2 for WordPress has XSS via the tribe_paged URL parameter.
Tri The Events Calendar
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started