Browse all 3 CVE security advisories affecting EventPrime. AI-powered Chinese analysis, POCs, and references for each vulnerability.
EventPrime is an event management plugin for WordPress that enables organizers to create, manage, and promote events. Historically, it has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues. The plugin's three recorded CVEs highlight recurring problems in input validation and access control. While no major public security incidents have been documented, the consistent pattern of vulnerabilities suggests potential risks for unpatched installations. Users are advised to maintain updated versions and implement additional security measures to mitigate potential exploitation of these weaknesses.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-45637 | WordPress EventPrime Plugin <= 3.1.5 is vulnerable to Cross Site Scripting (XSS) — EventPrime – Events Calendar, Bookings and TicketsCWE-79 | 7.1 | High | 2023-10-24 |
| CVE-2023-35884 | WordPress EventPrime Plugin <= 3.0.5 is vulnerable to Cross Site Scripting (XSS) — EventPrimeCWE-79 | 7.1 | High | 2023-06-20 |
| CVE-2023-33326 | WordPress EventPrime Plugin <= 2.8.6 is vulnerable to Cross Site Scripting (XSS) — EventPrimeCWE-79 | 7.1 | High | 2023-05-28 |
This page lists every published CVE security advisory associated with EventPrime. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.