Jevents
by WordPress
Source repositories
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-49467 | Cri | 0.60 | — | 0.00 | Jun 12, 2025 | A SQL injection vulnerability in JEvents component before 3.6.88 and 3.6.82.1 for Joomla was discovered. The extension is vulnerable to SQL injection via publicly accessible actions to list events by date ranges. | ||
| CVE-2015-7340 | Hig | 0.47 | 7.2 | 0.01 | Mar 9, 2020 | JEvents Joomla Component before 3.4.0 RC6 has SQL Injection via evid in a Manage Events action. |
- risk 0.60cvss —epss 0.00
A SQL injection vulnerability in JEvents component before 3.6.88 and 3.6.82.1 for Joomla was discovered. The extension is vulnerable to SQL injection via publicly accessible actions to list events by date ranges.
- risk 0.47cvss 7.2epss 0.01
JEvents Joomla Component before 3.4.0 RC6 has SQL Injection via evid in a Manage Events action.