community_events_project CVE Vulnerabilities & Metrics

About community_events_project Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with community_events_project. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Critical community_events_project CVEs (CVSS ≥ 9) Over 20 Years

Top 5 Highest CVSS community_events_project CVEs

These are the five CVEs with the highest CVSS scores for community_events_project, sorted by severity first and recency.

• CVE-2015-3313 community_events_project Published on 07 Sep 2017, 20:29 UTC (CVSS: 7.5)
  SQL injection vulnerability in WordPress Community Events plugin before 1.4.
• CVE-2021-24496 community_events_project Published on 02 Aug 2021, 11:15 UTC (CVSS: 4.3)
  The Community Events WordPress plugin before 1.4.8 does not sanitise, validate or escape its importrowscount and successimportcount GET parameters before outputting them back in an admin page, leading to a reflected Cross-Site Scripting issue which will be executed in the context of a logged in administrator
• CVE-2024-6271 community_events_project Published on 22 Jul 2024, 06:15 UTC (CVSS: 0)
  The Community Events WordPress plugin before 1.5 does not have CSRF check in place when deleting events, which could allow attackers to make a logged in admin delete arbitrary events via a CSRF attack
• CVE-2022-44742 community_events_project Published on 23 Mar 2023, 12:15 UTC (CVSS: 0)
  Auth. (admin+) Stored Cross-Site Scripting vulnerability in Yannick Lefebvre Community Events plugin <= 1.4.8 versions.

All CVEs for community_events_project