Filtered by vendor Themewinter
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-43135 | 1 Themewinter | 1 Wpcafe | 2024-09-12 | 7.5 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Themewinter WPCafe allows PHP Local File Inclusion.This issue affects WPCafe: from n/a through 2.2.28. | ||||
| CVE-2024-1122 | 1 Themewinter | 1 Eventin | 2024-08-27 | 5.3 Medium |
| The Event Manager, Events Calendar, Events Tickets for WooCommerce – Eventin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_data() function in all versions up to, and including, 3.3.50. This makes it possible for unauthenticated attackers to export event data. | ||||
| CVE-2024-37513 | 1 Themewinter | 1 Wpcafe | 2024-08-16 | 8.5 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Themewinter WPCafe allows Path Traversal.This issue affects WPCafe: from n/a through 2.2.27. | ||||
| CVE-2024-6033 | 1 Themewinter | 1 Eventin | 2024-08-01 | 4.3 Medium |
| The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to unauthorized data importation due to a missing capability check on the 'import_file' function in all versions up to, and including, 4.0.4. This makes it possible for authenticated attackers, with Contributor-level access and above, to import events, speakers, schedules and attendee data. | ||||
Page 1 of 1.