cleantalk
Vulnerabilities and Security Researches

Event Manager and Tickets Selling Plugin for WooCommerce – WpEvently – WordPress Plugin, CVE-2026-23549

CVE, Research URL

CVE-2026-23549

Home page URL

Security reports for Event Manager and Tickets Selling Plugin for WooCommerce – WpEvently – WordPress Plugin

Application

Event Manager and Tickets Selling Plugin for WooCommerce – WpEvently – WordPress Plugin

Published on
Feb 19, 2026
Research Description
Deserialization of Untrusted Data vulnerability in magepeopleteam WpEvently mage-eventpress allows Object Injection.This issue affects WpEvently: from n/a through <= 5.1.1.
Affected versions
max 5.1.1.
Status
vulnerable
Previous vulnerability researches
New User Approve (CVE-2022-1625) , Jun 07, 2024
New User Approve (CVE-2023-50902) , Jun 07, 2024
New User Approve (a914ab360f5373364b002ff95df35db62d4f7ca4) , Jun 07, 2024
New User Approve (CVE-2025-69063) , Feb 27, 2026
New User Approve (CVE-2025-12770) , Dec 11, 2025
New vulnerability
Contact Form Builder Plugin: Multi Step Contact Form, Payment Form, Custom Contact Form Plugin by Bit Form (CVE-2026-25418) , Feb 28, 2026
Image Photo Gallery Final Tiles Grid (CVE-2026-25375) , Feb 28, 2026
Share This Image (CVE-2026-25010) , Feb 28, 2026
Bold Page Builder (CVE-2026-25451) , Feb 28, 2026
Bold Page Builder (CVE-2025-13463) , Feb 28, 2026