Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.8
CVE-2025-47539: Eventin Privilege Escalation Risk through Incorrect Privilege Assignment
Exploitation likelihood: 30%
CVE-2025-47539
Summary
A security issue in Eventin versions 1 through 4.0.26 allows an attacker to gain higher levels of access. This could lead to sensitive data theft or unauthorized changes to the system. Update to the latest version of Eventin to fix this issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions |
|---|---|---|
| themewinter | eventin |
< 4.0.27 cpe:2.3:a:themewinter:eventin:*:*:*:*:*:wordpress:*:* |
Original title
Incorrect Privilege Assignment vulnerability in Themewinter Eventin allows Privilege Escalation. This issue affects Eventin: from n/a through 4.0.26.
Original description
Incorrect Privilege Assignment vulnerability in Themewinter Eventin allows Privilege Escalation. This issue affects Eventin: from n/a through 4.0.26.
nvd CVSS3.1
9.8
Vulnerability type
CWE-266
Incorrect Privilege Assignment
- https://patchstack.com/database/wordpress/plugin/wp-event-solution/vulnerability... Third Party Advisory
Published: 23 May 2025 · Updated: 15 Jun 2026 · First seen: 7 Mar 2026