CVE-2024-24796

Deserialization of Untrusted Data vulnerability in MagePeople Team Event Manager and Tickets Selling Plugin for WooCommerce  WpEvently  WordPress Plugin.This issue affects Event Manager and Tickets Selling Plugin for WooCommerce  WpEvently  WordPress Plugin: from n/a through 4.1.1.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.2 HIGH
NETWORK
HIGH
LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N
PatchstackCNA
8.2 HIGH
NETWORK
HIGH
LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 47%
VendorProductVersion
mage-peopleevent_manager_and_tickets_selling_for_woocommerce
𝑥
< 4.1.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://patchstack.com/database/vulnerability/mage-eventpress/wordpress-wpevently-plugin-4-1-1-php-object-injection-vulnerability?_s_id=cve
https://patchstack.com/database/vulnerability/mage-eventpress/wordpress-wpevently-plugin-4-1-1-php-object-injection-vulnerability?_s_id=cve