cleantalk
Vulnerabilities and Security Researches

EventON, CVE-2024-0233

CVE, Research URL

CVE-2024-0233

Home page URL

Security reports for EventON

Application

EventON

Published on
Jan 16, 2024
Research Description
The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not properly sanitise and escape a parameter before outputting it back in pages, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
Affected versions
Min -, max 2.2.8.
Status
vulnerable
Previous vulnerability researches
EventON (CVE-2024-0233) , Jun 07, 2024
EventON (CVE-2023-6242) , Jun 07, 2024
EventON (CVE-2023-4635) , Jun 07, 2024
EventON (CVE-2023-6244) , Jun 07, 2024
EventON (CVE-2023-6158) , Jun 07, 2024
New vulnerability
Password Protected – Ultimate Plugin to Password Protect Your WordPress Content with Ease (CVE-2025-3453) , Apr 18, 2025
Site Search 360 (CVE-2025-39530) , Apr 17, 2025
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders (CVE-2025-39589) , Apr 17, 2025
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders (CVE-2025-39590) , Apr 17, 2025
Basic Interactive World Map (CVE-2025-39517) , Apr 17, 2025