VYPR

Ht Event

by WordPress

Source repositories

CVEs (3)

  • CVE-2025-24624HigApr 17, 2025
    risk 0.46cvss 7.1epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DevItems HT Event ht-event allows Reflected XSS.This issue affects HT Event: from n/a through <= 1.4.6.

  • CVE-2024-13216MedJan 31, 2025
    risk 0.28cvss 4.3epss 0.00

    The HT Event – WordPress Event Manager Plugin for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.7 via the 'render' function in /includes/widgets/htevent_sponsor.php. This makes it possible for…

  • CVE-2023-0496Mar 27, 2023
    risk 0.00cvss epss 0.00

    The HT Event WordPress plugin before 1.4.6 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack