VYPR

Fooevents For Woocommerce

by WordPress

CVEs (1)

  • CVE-2024-6000HigJun 15, 2024
    risk 0.46cvss 7.1epss 0.01

    The FooEvents for WooCommerce plugin for WordPress is vulnerable to unauthorized arbitrary file uploads due to an improper capability setting on the 'display_ticket_themes_page' function in versions up to, and including, 1.19.20. This makes it possible for authenticated…