Eventon
This hub aggregates every CVE we track for Eventon, a product in the web cms plugins space. Use it to gauge the current risk picture and drill into individual advisories.
27
CVEs tracked
0
Critical
4
High
0
In CISA KEV
Severity distribution
MEDIUM23HIGH4
Monthly trend
1
0
1
0
0
0
0
0
0
2
4
0
1
0
0
0
0
1
0
0
1
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Eventon.
- CVE-2026-28037WordPress EventON plugin <= 4.9.12 - Reflected Cross Site Scripting (XSS) vulnerability7.1
- CVE-2025-63064WordPress EventON plugin <= 4.9.12 - Cross Site Scripting (XSS) vulnerability6.5
- CVE-2025-47565WordPress EventON plugin <= 4.9.9 - Broken Access Control vulnerability6.3
- CVE-2025-3527EventON - WordPress Virtual Event Calendar Plugin <= 4.9.6 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting6.4
- CVE-2025-47564WordPress EventON plugin <= 4.9.8 - Broken Access Control vulnerability5.3
- CVE-2025-48116WordPress EventON plugin <= 2.4.4 - Broken Access Control Vulnerability5.3
- CVE-2025-47494WordPress EventON plugin <= 2.4.1 - Local File Inclusion Vulnerability7.5
- CVE-2025-32614WordPress EventON plugin <= 2.4 - Local File Inclusion vulnerability8.8
- CVE-2025-32160WordPress EventON plugin <= 2.4.1 - Local File Inclusion vulnerability7.5
- CVE-2024-6910EventON < 2.2.17 - Admin+ Stored XSS4.8
- CVE-2024-4752EventON < 2.2.15 - Admin+ Stored Cross-Site Scripting via event subtitle5.9
- CVE-2024-33940WordPress EventON plugin <= 2.2.14 - Cross Site Scripting (XSS) vulnerability5.9
- CVE-2023-7200EventON < 4.4.1 - Reflected Cross-Site Scripting6.1
- CVE-2024-0238EventON (Free < 2.2.8, Premium < 4.5.6) - Unauthenticated Arbitrary Post Metadata Update6.1
- CVE-2024-0235EventON (Free < 2.2.8, Premium < 4.5.5) - Unauthenticated Email Address Disclosure5.3
Product normalization is registry-driven with AI assist and human review. How it works