CVE-2025-10586 | Community Events Plugin up to 1.5.1 on WordPress event_venue sql injection

October 8, 2025 Yanac

A vulnerability classified as critical was found in Community Events Plugin up to 1.5.1 on WordPress. Affected is an unknown function. Such manipulation of the argument event_venue leads to sql injection.

This vulnerability is documented as CVE-2025-10586. The attack can be executed remotely. There is not any exploit available.VulDB Recent EntriesRead More

CVE-2025-6038 | Lisfinity Core Plugin up to 1.4.0 on WordPress Password Update privilege escalation
CVE-2025-7634 | WP Travel Engine Plugin up to 6.6.7 on WordPress mode file inclusion