EventON

Vulnerabilities 17Slug eventonLatest version 4.0.6Plugin page →

Minimum safe version

4.9.7

Update to 4.9.7 or later to address 13 fixable vulnerabilities

Latest available4.0.6 ✗⚠ 4 vulnerabilities have no fix

High 7.1 Unfixed

2026-03-05≤ 4.9.12

CVE-2026-28037

CVE Wordfence

Medium 6.5 Unfixed

2025-12-09≤ 4.9.12

CVE-2025-63064

CVE Wordfence

Medium 6.3 Unfixed

2025-07-04≤ 4.9.9

WordPress EventON plugin <= 4.9.9 - Broken Access Control vulnerability

CVE EUVD Wordfence

Medium 6.4

2025-05-17< 4.9.7

EventON - WordPress Virtual Event Calendar Plugin <= 4.9.6 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting

EUVD Wordfence CVE

Medium 5.3 Unfixed

2025-05-16≤ 4.9.9

WordPress EventON plugin <= 4.9.8 - Broken Access Control vulnerability

CVE Patchstack EUVD Wordfence

Medium 4.3

2024-10-19< 4.7

CVE-2023-6243

CVE Patchstack Wordfence

Medium 6.1

2024-01-31< 4.4.1

EventON <= 4.4.0 - Reflected Cross-Site Scripting

Wordfence CVE Patchstack WPScan WPScan

Medium 6.1

2024-01-16< 4.5.6

CVE-2024-0238

CVE WPScan

Medium 5.3

2024-01-16< 4.5.9

CVE-2024-0237

CVE Wordfence WPScan

Medium 5.3

2024-01-16< 4.5.5

CVE-2024-0236

CVE Wordfence WPScan

Medium 5.3

2024-01-16< 4.5.5

CVE-2024-0235

CVE Wordfence WPScan

Medium 6.1

2024-01-16< 4.5.5

CVE-2024-0233

CVE Wordfence WPScan

Medium 4.8

2024-01-16< 4.5.5

CVE-2023-6005

CVE Wordfence WPScan

Medium 4.3

2024-01-11< 4.5.5

CVE-2023-6244

CVE Patchstack Wordfence

Medium 6.5

2024-01-10< 4.5.5

CVE-2023-6158

CVE Patchstack Wordfence

Medium 4.3

2024-01-11< 4.5.5

CVE-2023-6242

CVE Patchstack Wordfence

Medium 6.1

2020-12-01< 3.0.6

WordPress eventON premium plugin <= 3.0.5 - Cross-Site Scripting (XSS) vulnerability

Patchstack CVE Wordfence Patchstack