Vulnerabilities > Themewinter > Eventin

DATE CVE VULNERABILITY TITLE RISK
2024-09-27 CVE-2024-7149 Path Traversal vulnerability in Themewinter Eventin
The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.0.8 via multiple style parameters.
network
low complexity
themewinter CWE-22
8.8
8.8
2024-02-09 CVE-2024-1122 Missing Authorization vulnerability in Themewinter Eventin
The Event Manager, Events Calendar, Events Tickets for WooCommerce – Eventin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_data() function in all versions up to, and including, 3.3.50.
network
low complexity
themewinter CWE-862
5.3
5.3