cleantalk
Vulnerabilities and Security Researches

Event Espresso 4 Decaf – Event Registration Event Ticketing, CVE-2025-68007

CVE, Research URL

CVE-2025-68007

Home page URL

Security reports for Event Espresso 4 Decaf – Event Registration Event Ticketing

Application

Event Espresso 4 Decaf – Event Registration Event Ticketing

Published on
Jan 22, 2026
Research Description
Missing Authorization vulnerability in Event Espresso Event Espresso 4 Decaf event-espresso-decaf allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Event Espresso 4 Decaf: from n/a through <= 5.0.37.decaf.
Affected versions
max 5.0.37.
Status
vulnerable
Previous vulnerability researches
Netgsm (CVE-2025-68010) , Jan 27, 2026
Netgsm (CVE-2024-35672) , Jun 07, 2024
Netgsm (CVE-2024-4746) , Jun 07, 2024
Netgsm (CVE-2024-32544) , Jun 07, 2024
Netgsm (CVE-2025-60143) , Oct 11, 2025
New vulnerability
Header and Footer Scripts (CVE-2025-11453) , Jan 28, 2026
WordPress CRM Plugin &#8211; WP-CRM System (CVE-2025-14854) , Jan 28, 2026
WordPress CRM Plugin &#8211; WP-CRM System (CVE-2025-62106) , Jan 28, 2026
Contact Form 7 GetResponse Extension (CVE-2026-24557) , Jan 28, 2026
NextMove Lite &#8211; Thank You Page for WooCommerce (CVE-2026-24599) , Jan 28, 2026