On April 6th, 2025, we received a submission for an Arbitrary File Read vulnerability in Eventin, a WordPress plugin with more than 10,000 active installations. This vulnerability makes it possible for an unauthenticated attacker to read arbitrary files on the server, which can contain sensitive information.
The post 10,000 WordPress Sites Affected by Arbitrary File Read Vulnerability in Eventin WordPress Plugin appeared first on Wordfence.
This article has been indexed from Blog – Wordfence