Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Eventprime
(Metagauss)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 25 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-01-22 | CVE-2023-6447 | The EventPrime WordPress plugin before 3.3.6 lacks authentication and authorization, allowing unauthenticated visitors to access private and password protected Events by guessing their numeric id/event name. | Eventprime | 5.3 | ||
| 2025-05-15 | CVE-2024-4665 | The EventPrime WordPress plugin before 3.5.0 does not properly validate permissions when updating bookings, allowing users to change/cancel bookings for other users. Additionally, the feature is lacking a nonce. | Eventprime | N/A | ||
| 2024-03-27 | CVE-2024-29776 | Cross Site Scripting (XSS) vulnerability in Metagauss EventPrime.This issue affects EventPrime: from n/a through 3.3.9. | Eventprime | 4.8 | ||
| 2024-03-23 | CVE-2024-24832 | Missing Authorization vulnerability in Metagauss EventPrime.This issue affects EventPrime: from n/a through 3.3.9. | Eventprime | 7.5 | ||
| 2024-05-17 | CVE-2023-33321 | Missing Authorization vulnerability in Metagauss EventPrime allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EventPrime: from n/a through 2.8.6. | Eventprime | 5.3 |