VYPR

Jevents

by WordPress

Source repositories

CVEs (2)

  • CVE-2025-49467CriJun 12, 2025
    risk 0.60cvss epss 0.00

    A SQL injection vulnerability in JEvents component before 3.6.88 and 3.6.82.1 for Joomla was discovered. The extension is vulnerable to SQL injection via publicly accessible actions to list events by date ranges.

  • CVE-2015-7340HigMar 9, 2020
    risk 0.47cvss 7.2epss 0.01

    JEvents Joomla Component before 3.4.0 RC6 has SQL Injection via evid in a Manage Events action.