cleantalk
Vulnerabilities and Security Researches

Event Manager and Tickets Selling Plugin for WooCommerce – WpEvently – WordPress Plugin, CVE-2025-66083

CVE, Research URL

CVE-2025-66083

Home page URL

Security reports for Event Manager and Tickets Selling Plugin for WooCommerce – WpEvently – WordPress Plugin

Application

Event Manager and Tickets Selling Plugin for WooCommerce – WpEvently – WordPress Plugin

Published on
Nov 21, 2025
Research Description
Missing Authorization vulnerability in magepeopleteam WpEvently mage-eventpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpEvently: from n/a through <= 5.0.4.
Affected versions
max 5.0.4.
Status
vulnerable
Previous vulnerability researches
Event Manager and Tickets Selling Plugin for WooCommerce &#8211; WpEvently &#8211; WordPress Plugin (CVE-2026-24954) , Feb 28, 2026
Event Manager and Tickets Selling Plugin for WooCommerce &#8211; WpEvently &#8211; WordPress Plugin (CVE-2026-23549) , Feb 28, 2026
Event Manager and Tickets Selling Plugin for WooCommerce &#8211; WpEvently &#8211; WordPress Plugin (CVE-2025-5568) , Jun 17, 2025
Event Manager and Tickets Selling Plugin for WooCommerce &#8211; WpEvently &#8211; WordPress Plugin (CVE-2026-24942) , Feb 28, 2026
Event Manager and Tickets Selling Plugin for WooCommerce &#8211; WpEvently &#8211; WordPress Plugin (CVE-2025-54705) , Aug 06, 2025
New vulnerability
Contact Form Builder Plugin: Multi Step Contact Form, Payment Form, Custom Contact Form Plugin by Bit Form (CVE-2026-25418) , Feb 28, 2026
Image Photo Gallery Final Tiles Grid (CVE-2026-25375) , Feb 28, 2026
Share This Image (CVE-2026-25010) , Feb 28, 2026
Bold Page Builder (CVE-2026-25451) , Feb 28, 2026
Bold Page Builder (CVE-2025-13463) , Feb 28, 2026