cbcvebase.

Bastien Ho Event Post vulnerabilities

6 known vulnerabilities affecting bastien_ho/event_post.

Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
1
Severity breakdown
HIGH1MEDIUM5

Vulnerabilities

Page 1 of 1
CVE-2024-38735P2HIGHCVSS 7.5Exploited≤ 5.9.52024-07-12
CVE-2024-38735 [HIGH] CWE-98 CVE-2024-38735: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Bastien Ho Event post event-post.This issue affects Event post: from n/a through <= 5.9.5.
nvd
CVE-2025-24585P4MEDIUMCVSS 6.5≤ 5.9.72025-01-24
CVE-2025-24585 [MEDIUM] CWE-79 CVE-2025-24585: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bastien Ho Event post event-post allows Stored XSS.This issue affects Event post: from n/a through <= 5.9.7.
nvd
CVE-2025-26923P4MEDIUMCVSS 6.5≤ 5.9.82025-03-26
CVE-2025-26923 [MEDIUM] CWE-79 CVE-2025-26923: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bastien Ho Event post event-post allows Stored XSS.This issue affects Event post: from n/a through <= 5.9.8.
nvd
CVE-2025-49298P4MEDIUMCVSS 6.5≤ 5.10.12025-06-06
CVE-2025-49298 [MEDIUM] CWE-79 CVE-2025-49298: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bastien Ho Event post event-post allows Stored XSS.This issue affects Event post: from n/a through <= 5.10.1.
nvd
CVE-2025-62042P4MEDIUMCVSS 6.5≤ 5.10.32025-10-22
CVE-2025-62042 [MEDIUM] CWE-79 CVE-2025-62042: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bastien Ho Event post event-post.This issue affects Event post: from n/a through <= 5.10.3.
nvd
CVE-2025-46228P4MEDIUMCVSS 5.4≤ 5.9.112025-04-22
CVE-2025-46228 [MEDIUM] CWE-79 CVE-2025-46228: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bastien Ho Event post event-post allows DOM-Based XSS.This issue affects Event post: from n/a through <= 5.9.11.
nvd
Bastien Ho Event Post vulnerabilities | cvebase