Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

magepeopleteam — Vulnerabilities & Security Advisories 42

Browse all 42 CVE security advisories affecting magepeopleteam. AI-powered Chinese analysis, POCs, and references for each vulnerability.

MagePeopleTeam operates as a software development entity primarily focused on creating extensions and modules for the Magento e-commerce platform. Their portfolio includes various plugins designed to enhance store functionality, such as payment gateways, shipping solutions, and marketing tools. Historically, vulnerabilities associated with their products frequently involve Cross-Site Scripting (XSS), SQL Injection, and Remote Code Execution (RCE). These flaws often stem from insufficient input validation and improper access controls within their custom codebases. Notable incidents include multiple critical CVEs that allowed attackers to execute arbitrary commands or steal sensitive customer data from compromised Magento stores. The high volume of recorded issues suggests a pattern of recurring security oversights in their development lifecycle. While some vulnerabilities have been patched, the sheer number of disclosed CVEs indicates persistent challenges in maintaining robust security standards across their diverse range of third-party integrations.

Found 13 results / 42Clear Filters
Top products by magepeopleteam: WpEvently Booking and Rental Manager Bus Ticket Booking with Seat Reservation WpTravelly Taxi Booking Manager for WooCommerce WpBookingly Travelly – Tour & Travel Booking Manager for WooCommerce | Tour & Hotel Booking Solution Multipurpose Ticket Booking Manager Booking and Rental Manager for Bike | Car | Resort | Appointment | Dress | Equipment Event Booking Manager for WooCommerce E-cab Taxi Booking Manager for Woocommerce Car Rental Manager
CVE IDTitleCVSSSeverityPublished
CVE-2026-25361 WordPress WpEvently plugin <= 5.1.4 - Reflected Cross Site Scripting (XSS) vulnerability — WpEventlyCWE-79 7.1 High2026-03-25
CVE-2026-32354 WordPress WpEvently plugin < 5.1.9 - Sensitive Data Exposure vulnerability — WpEventlyCWE-201 5.3 Medium2026-03-13
CVE-2026-23549 WordPress WpEvently plugin <= 5.1.1 - PHP Object Injection vulnerability — WpEventlyCWE-502 9.8 Critical2026-02-19
CVE-2026-24954 WordPress WpEvently plugin <= 5.0.8 - Deserialization of untrusted data vulnerability — WpEventlyCWE-502 8.8 High2026-02-03
CVE-2026-24942 WordPress WpEvently plugin <= 5.1.1 - Cross Site Request Forgery (CSRF) vulnerability — WpEventlyCWE-352 4.3 Medium2026-02-03
CVE-2025-66082 WordPress WpEvently plugin <= 5.0.4 - Broken Access Control vulnerability — WpEventlyCWE-862 5.3 Medium2025-11-21
CVE-2025-66083 WordPress WpEvently plugin <= 5.0.4 - Broken Access Control vulnerability — WpEventlyCWE-862 5.3 Medium2025-11-21
CVE-2025-54742 WordPress WpEvently Plugin <= 4.4.8 - PHP Object Injection Vulnerability — WpEventlyCWE-502 8.8 High2025-08-28
CVE-2025-54705 WordPress WpEvently plugin <= 4.4.6 - Broken Access Control vulnerability — WpEventlyCWE-862 4.3 Medium2025-08-14
CVE-2025-32145 WordPress WpEvently plugin <= 4.3.6 - PHP Object Injection vulnerability — WpEventlyCWE-502 8.8 High2025-04-10
CVE-2025-30895 WordPress WpEvently Plugin <= 4.2.9 - PHP Object Injection vulnerability — WpEventlyCWE-22 7.5 High2025-03-27
CVE-2025-30887 WordPress WpEvently Plugin <= 4.2.9 - Broken Access Control vulnerability — WpEventlyCWE-862 5.3 Medium2025-03-27
CVE-2024-49703 WordPress WpEvently plugin <= 4.2.5 - Cross Site Scripting (XSS) vulnerability — WpEventlyCWE-79 6.5 Medium2024-10-24

This page lists every published CVE security advisory associated with magepeopleteam. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.