CVE-2025-12175 | Events Calendar Plugin up to 6.15.9 on WordPress Draft Event tec_qr_code_modal authorization

Inserito da Angelo Barbosa | Ott 31, 2025 | CVE

A vulnerability classified as problematic was found in Events Calendar Plugin up to 6.15.9 on WordPress. This affects the function tec_qr_code_modal of the component Draft Event Handler. The manipulation results in missing authorization.

This vulnerability is known as CVE-2025-12175. It is possible to launch the attack remotely. No exploit is available.

CVE-2025-12175 | Events Calendar Plugin up to 6.15.9 on WordPress Draft Event tec_qr_code_modal authorization

Post correlati

CVE-2024-23188 | Open-Xchange OX App Suite up to 8.21 E-Mail Attachment cross site scripting

CVE-2025-52099 | SQLite3 3.50.0 setupLookaside denial of service

CVE-2025-23743 | Martijn Scheybeler Social Analytics Plugin up to 0.2 on WordPress cross-site request forgery

CVE-2024-20492 | Cisco TelePresence Video Communication Server (VCS) Expressway command injection (cisco-sa-expw-escalation-3bkz77bD)