← Back

Themewinter

themewinter

22 CVEs • 2 products

Products (2)

Click to collapse
Toggle
Eventin
eventin
16 CVEs
Wpcafe
wpcafe
6 CVEs

CVEs (22)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-1855
1Themewinter
1Wpcafe
Apr 8, 2026
May 23, 2024
N/A· v4
5.3 MEDIUM· v3
N/A· v2
The WPCafe – Restaurant Menu, Online Ordering for WooCommerce, Pickup / Delivery and Table Reservation plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.2.23 via th...Show more
The WPCafe – Restaurant Menu, Online Ordering for WooCommerce, Pickup / Delivery and Table Reservation plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.2.23 via the wpc_check_for_submission function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application.Show less
CVE-2024-1122
1Themewinter
1Eventin
Apr 8, 2026
Feb 9, 2024
N/A· v4
5.3 MEDIUM· v3
N/A· v2
The Event Manager, Events Calendar, Events Tickets for WooCommerce – Eventin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_data() function in all versio...Show more
The Event Manager, Events Calendar, Events Tickets for WooCommerce – Eventin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_data() function in all versions up to, and including, 3.3.50. This makes it possible for unauthenticated attackers to export event data.Show less