Vulnerabilities

CVE-2025-9808

by Fred · 16/09/2025

The The Events Calendar plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 6.15.2 via the REST endpoint. This makes it possible for unauthenticated attackers to extract information about password-protected vendors or venues.

More information : https://plugins.trac.wordpress.org/changeset/3359403/

Similar

Tags: Cybersecurity Alert