Eventin

Arraytics

Developer

4.1.1

Latest version

10,000

Installations

No date

Last updated

WordPress Plugin

No VDP

Claim ownership

Report vulnerability

Vulnerabilities

Security Contributors

Vulnerability history

0 present

16 fixed

9 Mitigation rules

WordPress Eventin - Event Manager, Event Booking, Calendar, Tickets and Registration Plugin (AI Powered) plugin <= 4.0.51 - Missing Authorization to Unauthenticated Stored Cross-Site Scripting via 'post_settings' vulnerability
<= 4.0.51
Jan 9, 2026
PHP Object Injection Vulnerability
<= 4.0.31
Aug 13, 2025
Authenticated (Contributor+) Privilege Escalation via User Email Change/Account Takeover vulnerability
<= 4.0.34
Aug 8, 2025
Cross Site Scripting (XSS) Vulnerability
<= 4.0.28
Jun 23, 2025
Arbitrary File Download Vulnerability
<= 4.0.26
May 8, 2025
Privilege Escalation Vulnerability
<= 4.0.26
May 7, 2025
Local File Inclusion Vulnerability
<= 4.0.25
Apr 16, 2025
Missing Authorization to Unauthenticated Payment Status Update vulnerability
<= 4.0.24
Mar 19, 2025
Authenticated (Contributor+) Local File Inclusion vulnerability
<= 4.0.24
Mar 19, 2025
Local File Inclusion vulnerability
<= 4.0.20
Feb 23, 2025
Contributor+ Limited Local File Inclusion vulnerability
<= 4.0.7
Dec 19, 2024
Cross Site Scripting (XSS) vulnerability
<= 4.0.5
Aug 1, 2024
Missing Authorization to Authenticated (Contributor+) Event Data Import vulnerability
<= 4.0.4
Jul 17, 2024
Cross Site Scripting (XSS) vulnerability
<= 3.3.57
Jul 4, 2024
Missing Authorization to Unauthenticated Events Export vulnerability
<= 3.3.50
Feb 12, 2024
Authenticated Notice Dismissal Vulnerability
<= 3.3.52
Dec 4, 2023