Object Injection Vulnerability in WpEvently Plugin by MagePeopleTeam
CVE-2026-23549
Currently unrated
What is CVE-2026-23549?
The WpEvently plugin by MagePeopleTeam has a vulnerability that allows for object injection due to improper deserialization of untrusted data. This can lead to exploitation by attackers to manipulate the application state or execute arbitrary code, potentially compromising the security of the affected WordPress site. Users of WpEvently versions up to 5.1.1 are advised to take immediate action to secure their installations.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
WpEvently <= n/a
References
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Phat RiO | Patchstack Bug Bounty Program