🧹It's time for some spring cleaning! All researchers earn over 6.25x our normal bounty rates, through May 27th, 2024, when Wordfence handles responsible disclosure for our Spring Cleaning Bug Extravaganza! Learn more about our bug bounty program
Register as a researcher and submit your vulnerabilities today!

Timetable and Event Schedule by MotoPress

Wordfence Intelligence > Vulnerability Database > WordPress Plugins > Timetable and Event Schedule by MotoPress

Information

Software Type	Plugin
Software Slug	mp-timetable (view on wordpress.org)
Software Status	Active
Software Author	jetmonsters
Software Website	motopress.com
Software Downloads	740,015
Software Active Installs	30,000
Software Record Last Updated	May 16, 2024

6 Vulnerabilities

Timetable and Event Schedule by MotoPress <= 2.4.11 - Authenticated (Contributor+) SQL Injection

9.9

CVE-2024-3342

Apr 26, 2024

Researcher: Krzysztof Zając

Timetable and Event Schedule by MotoPress <= 2.4.1 - Unauthorised Event TimeSlot Deletion

4.3

CVE-2021-24583

Aug 23, 2021

Researcher: dc11

Timetable and Event Schedule by MotoPress <= 2.4.1 - Unauthorised Event TimeSlot Update

6.4

CVE-2021-24584

Aug 23, 2021

Researcher: dc11

Timetable and Event Schedule by MotoPress <= 2.3.18 - Author+ Stored Cross-Site Scripting

5.4

CVE-2021-24724

Aug 23, 2021

Researcher: Martin Vierula

Timetable and Event Schedule by MotoPress <= 2.3.19 - Arbitrary User's Hashed Password/Email/Username Disclosure

6.5

CVE-2021-24585

Aug 23, 2021

Researcher: dc11

Timetable and Event Schedule by MotoPress <= 2.3.8 - Missing Authorization

7.3

CVE ID Unknown

Apr 21, 2020

Researcher: Ram

Title	Status	CVE ID	CVSS	Researchers	Date
Timetable and Event Schedule by MotoPress <= 2.4.11 - Authenticated (Contributor+) SQL Injection	Patched	CVE-2024-3342	9.9	Krzysztof Zając	April 26, 2024
Timetable and Event Schedule by MotoPress <= 2.4.1 - Unauthorised Event TimeSlot Deletion	Patched	CVE-2021-24583	4.3	dc11	August 23, 2021
Timetable and Event Schedule by MotoPress <= 2.4.1 - Unauthorised Event TimeSlot Update	Patched	CVE-2021-24584	6.4	dc11	August 23, 2021
Timetable and Event Schedule by MotoPress <= 2.3.18 - Author+ Stored Cross-Site Scripting	Patched	CVE-2021-24724	5.4	Martin Vierula	August 23, 2021
Timetable and Event Schedule by MotoPress <= 2.3.19 - Arbitrary User's Hashed Password/Email/Username Disclosure	Patched	CVE-2021-24585	6.5	dc11	August 23, 2021
Timetable and Event Schedule by MotoPress <= 2.3.8 - Missing Authorization	Patched		7.3	Ram	April 21, 2020

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation