Known Vulnerabilities for Events Calendar* by Wpgeodirectory
Listed below are 10 of the newest known vulnerabilities associated with "Events Calendar*" by "Wpgeodirectory".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-59234 json | Authorization Bypass Through User-Controlled Key (CWE-639) in CalendarDeleteEventController (app/Http/Controllers/Calendar/Ca... | Not Provided | 2026-07-03 | 2026-07-06 |
| CVE-2026-54006 json | Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, POST /api/... | Not Provided | 2026-06-23 | 2026-06-23 |
| CVE-2026-49772 json | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Liquid Web / StellarWP ... | Not Provided | 2026-06-16 | 2026-06-16 |
| CVE-2026-43882 json | WWBN AVideo is an open source video platform. In versions up to and including 29.0, the unauthenticated plugin/Scheduler/down... | Not Provided | 2026-05-11 | 2026-05-13 |
| CVE-2026-40308 json | My Calendar is a WordPress plugin for managing calendar events. In versions 3.7.6 and below, the mc_ajax_mcjs_action AJAX end... | Not Provided | 2026-04-16 | 2026-04-17 |
| CVE-2026-39532 json | Contributor PHP Object Injection in Events Calendar for GeoDirectory <= 2.3.25 versions. | Not Provided | 2026-06-15 | 2026-06-15 |
| CVE-2026-24988 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brian Hogg The Events C... | Not Provided | 2026-02-03 | 2026-04-28 |
| CVE-2026-13441 json | The EventPrime – Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to Stored Cross-Site Scripting vi... | Not Provided | 2026-07-09 | 2026-07-09 |
| CVE-2026-13228 json | The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Privilege Escalat... | Not Provided | 2026-07-01 | 2026-07-01 |
| CVE-2026-12657 json | The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Insecure Direct O... | Not Provided | 2026-07-02 | 2026-07-02 |