目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1000 CNY

100.0%
コーヒーを一杯おごる

The Events Calendar 产品漏洞列表 / CVE 中文分析 23

The Events Calendar 产品相关 23 条漏洞,AI 中文标题与摘要、CVSS、POC 一站汇总。

ベンダー: Unknown

CVE IDタイトルCVSS深刻度公開日
CVE-2026-3585 The Events Calendar <= 6.15.17 - Authenticated (Author+) Arbitrary File Read via ajax_create_import CWE-22 7.5 High2026-03-10
CVE-2026-2694 The Events Calendar <= 6.15.16 - Improper Authorization to Authenticated (Contributor+) Event/Organizer/Venue Update/Trash via REST API CWE-285 5.4 Medium2026-02-25
CVE-2025-15043 The Events Calendar <= 6.15.13 - Missing Authorization to Authenticated (Subscriber+) Data Migration Control CWE-862 5.4 Medium2026-01-20
CVE-2025-69352 WordPress The Events Calendar plugin <= 6.15.12.2 - Broken Access Control vulnerability CWE-862 5.4 Medium2026-01-06
CVE-2025-12192 The Events Calendar <= 6.15.9 - Sysinfo Key Incorrect Comparison to Unauthenticated Sensitive Information Exposure CWE-697 5.3 Medium2025-11-05
CVE-2025-12197 The Events Calendar 6.15.1.1 - 6.15.9 - Unauthenticated SQL Injection via s CWE-89 7.5 High2025-11-05
CVE-2025-12175 The Events Calendar <= 6.15.9 - Missing Authorization to Authenticated (Subscriber+) Draft Event Title/QR Code Exposure CWE-862 4.3 Medium2025-10-31
CVE-2025-9808 The Events Calendar <= 6.15.2 - Missing Authorization to Unauthenticated Password-Protected Information Disclosure CWE-200 5.3 Medium2025-09-16
CVE-2025-9807 The Events Calendar <= 6.15.1 - Unauthenticated SQL Injection CWE-89 7.5 High2025-09-12
CVE-2025-5144 The Events Calendar <= 6.13.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting CWE-79 6.4 Medium2025-06-11
CVE-2025-48246 WordPress The Events Calendar plugin <= 6.11.2.1 - Broken Access Control Vulnerability CWE-862 5.4 Medium2025-05-19
CVE-2024-8493 The Events Calendar < 6.6.4 - Admin+ Stored XSS 4.8AIMediumAI2025-05-15
CVE-2025-24537 WordPress The Events Calendar plugin <= 6.7.0 - Cross Site Request Forgery (CSRF) vulnerability CWE-352 5.4 Medium2025-01-27
CVE-2024-12118 The Events Calendar <= 6.9.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CWE-79 6.4 Medium2025-01-23
CVE-2024-37518 WordPress The Events Calendar plugin <= 6.5.1.4 - Cross Site Request Forgery (CSRF) vulnerability CWE-352 4.3 Medium2025-01-02
CVE-2024-5333 The Events Calendar < 6.8.2.1 - Unauthenticated Password Protected Event Disclosure 5.3 -2024-12-16
CVE-2023-35777 WordPress The Events Calendar plugin <= 6.1.2.2 - Broken Access Control vulnerability CWE-862 5.3 Medium2024-12-13
CVE-2024-6931 The Events Calendar <= 6.6.3 - Unauthenticated Stored Cross-Site Scripting CWE-79 7.2 High2024-09-27
CVE-2024-8275 The Events Calendar <= 6.6.4 - Unauthenticated SQL Injection CWE-89 9.8 Critical2024-09-25
CVE-2024-4180 The Events Calendar < 6.4.0.1 - Reflected XSS 6.1AIMediumAI2024-06-04
CVE-2024-31433 WordPress The Events Calendar plugin <= 6.3.0 - Cross Site Request Forgery (CSRF) vulnerability CWE-352 4.3 Medium2024-04-15
CVE-2023-6557 The Events Calendar <= 6.2.8.2 - Unauthenticated Sensitive Information Exposure CWE-862 5.3 Medium2024-02-05
CVE-2023-6203 The Events Calendar < 6.2.8.1 - Unauthenticated Arbitrary Password Protected Post Read 7.5AIHighAI2023-12-18

The Events Calendar 产品累计公开 23 条 CVE 漏洞,本页提供按时间倒序的完整列表,包含 CVSS、CWE、AI 中文摘要与可获取的 POC 链接。