cleantalk
Vulnerabilities and Security Researches

EventPrime – Events Calendar, Bookings and Tickets, CVE-2023-6447

CVE, Research URL

CVE-2023-6447

Home page URL

Security reports for EventPrime – Events Calendar, Bookings and Tickets

Application

EventPrime – Events Calendar, Bookings and Tickets

Published on
Jan 23, 2024
Research Description
The EventPrime WordPress plugin before 3.3.6 lacks authentication and authorization, allowing unauthenticated visitors to access private and password protected Events by guessing their numeric id/event name.
Affected versions
max 3.4.0.
Status
vulnerable
Previous vulnerability researches
EventPrime – Events Calendar, Bookings and Tickets (CVE-2024-9864) , May 07, 2025
EventPrime – Events Calendar, Bookings and Tickets (CVE-2024-8369) , Sep 11, 2024
EventPrime – Events Calendar, Bookings and Tickets (CVE-2026-25389) , Feb 27, 2026
EventPrime – Events Calendar, Bookings and Tickets (CVE-2024-47648) , Oct 03, 2024
EventPrime – Events Calendar, Bookings and Tickets (CVE-2024-4665) , May 19, 2025
New vulnerability
افزونه پیامک حرفه ای فراز اس ام اس (CVE-2025-68031) , Feb 28, 2026
iONE360 configurator (CVE-2025-15440) , Feb 28, 2026
ProfileGrid – User Profiles, Memberships, Groups and Communities (CVE-2025-13416) , Feb 28, 2026
Storyform (CVE-2025-53233) , Feb 28, 2026
افزونه پیامک ووکامرس Persian WooCommerce SMS (CVE-2026-22352) , Feb 28, 2026