Known Vulnerabilities for The Events Calendar by StellarWP
Listed below are 1 of the newest known vulnerabilities associated with "The Events Calendar" by "StellarWP".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-59234 json | Authorization Bypass Through User-Controlled Key (CWE-639) in CalendarDeleteEventController (app/Http/Controllers/Calendar/Ca... | Not Provided | 2026-07-03 | 2026-07-06 |
| CVE-2026-54006 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, POST /api/... | Not Provided | 2026-06-23 | 2026-06-23 |
| CVE-2026-49772 json | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Liquid Web / StellarWP ... | Not Provided | 2026-06-16 | 2026-06-16 |
| CVE-2026-43882 json | WWBN AVideo is an open source video platform. In versions up to and including 29.0, the unauthenticated plugin/Scheduler/down... | Not Provided | 2026-05-11 | 2026-05-13 |
| CVE-2026-39532 json | Contributor PHP Object Injection in Events Calendar for GeoDirectory <= 2.3.25 versions. | Not Provided | 2026-06-15 | 2026-06-15 |
| CVE-2026-24988 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brian Hogg The Events C... | Not Provided | 2026-02-03 | 2026-04-28 |
| CVE-2026-14782 json | The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to SQL Injection via the Custo... | Not Provided | 2026-07-16 | 2026-07-16 |
| CVE-2026-13441 json | The EventPrime – Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to Stored Cross-Site Scripting vi... | Not Provided | 2026-07-09 | 2026-07-09 |
| CVE-2026-13228 json | The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Privilege Escalat... | Not Provided | 2026-07-01 | 2026-07-01 |
| CVE-2026-12657 json | The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Insecure Direct O... | Not Provided | 2026-07-02 | 2026-07-02 |