{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-2429", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2026-02-12T21:00:05.955Z", "datePublished": "2026-03-07T01:21:23.120Z", "dateUpdated": "2026-04-08T17:18:51.395Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:18:51.395Z"}, "affected": [{"vendor": "jackdewey", "product": "Community Events", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.5.8", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Community Events plugin for WordPress is vulnerable to SQL Injection via the 'ce_venue_name' CSV field in the `on_save_changes_venues` function in all versions up to, and including, 1.5.8. This is due to insufficient escaping on the user-supplied CSV data and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database via a crafted CSV file upload."}], "title": "Community Events <= 1.5.8 - Authenticated (Administrator+) SQL Injection via 'ce_venue_name' CSV Field", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bd184c80-e785-4e9b-961d-9c3378688f91?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/community-events/trunk/community-events.php#L743"}, {"url": "https://plugins.trac.wordpress.org/browser/community-events/tags/1.5.7/community-events.php#L743"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3462021%40community-events&new=3462021%40community-events&sfp_email=&sfph_mail="}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "cweId": "CWE-89", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "baseScore": 4.9, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "huy tran"}], "timeline": [{"time": "2026-02-12T21:15:18.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2026-03-06T11:49:54.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-09T19:00:23.839071Z", "id": "CVE-2026-2429", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-09T19:33:40.517Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-2429", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-09T19:00:23.839071Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-09T19:00:24.957Z"}}], "cna": {"title": "Community Events <= 1.5.8 - Authenticated (Administrator+) SQL Injection via 'ce_venue_name' CSV Field", "credits": [{"lang": "en", "type": "finder", "value": "huy tran"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"}}], "affected": [{"vendor": "jackdewey", "product": "Community Events", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.5.8"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2026-02-12T21:15:18.000Z", "value": "Vendor Notified"}, {"lang": "en", "time": "2026-03-06T11:49:54.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bd184c80-e785-4e9b-961d-9c3378688f91?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/community-events/trunk/community-events.php#L743"}, {"url": "https://plugins.trac.wordpress.org/browser/community-events/tags/1.5.7/community-events.php#L743"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3462021%40community-events&new=3462021%40community-events&sfp_email=&sfph_mail="}], "descriptions": [{"lang": "en", "value": "The Community Events plugin for WordPress is vulnerable to SQL Injection via the 'ce_venue_name' CSV field in the `on_save_changes_venues` function in all versions up to, and including, 1.5.8. This is due to insufficient escaping on the user-supplied CSV data and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database via a crafted CSV file upload."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:18:51.395Z"}}}, "cveMetadata": {"cveId": "CVE-2026-2429", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:18:51.395Z", "dateReserved": "2026-02-12T21:00:05.955Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2026-03-07T01:21:23.120Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Community Events plugin for WordPress is vulnerable to SQL Injection via the 'ce_venue_name' CSV field in the `on_save_changes_venues` function in all versions up to, and including, 1.5.8. This is due to insufficient escaping on the user-supplied CSV data and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database via a crafted CSV file upload."}, {"lang": "es", "value": "El plugin Community Events para WordPress es vulnerable a inyecci\u00f3n SQL a trav\u00e9s del campo CSV 'ce_venue_name' en la funci\u00f3n 'on_save_changes_venues' en todas las versiones hasta la 1.5.8, inclusive. Esto se debe a un escape insuficiente en los datos CSV proporcionados por el usuario y a la falta de preparaci\u00f3n suficiente en la consulta SQL existente. Esto hace posible que atacantes autenticados, con acceso de nivel de Administrador y superior, a\u00f1adan consultas SQL adicionales a consultas ya existentes que pueden usarse para extraer informaci\u00f3n sensible de la base de datos a trav\u00e9s de la carga de un archivo CSV manipulado."}], "id": "CVE-2026-2429", "lastModified": "2026-04-22T21:27:27.950", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2026-03-07T02:16:12.257", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/community-events/tags/1.5.7/community-events.php#L743"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/community-events/trunk/community-events.php#L743"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3462021%40community-events&new=3462021%40community-events&sfp_email=&sfph_mail="}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bd184c80-e785-4e9b-961d-9c3378688f91?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.5.8]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Community Events", "source": "cna", "vendor": "jackdewey"}, "product": "community_events", "vendor": "jackdewey"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-04-15T16:46:41.780980+00:00", "value": {"mitigation_remediation": ["Upgrade the Community Events plugin to the latest available version that addresses the SQL injection flaw.", "If an immediate upgrade is not possible, limit the upload of CSV files to highly trusted administrators and apply input validation or prepared statements to the ce_venue_name field before it reaches the database.", "Deploy a web application firewall or similar security appliance that blocks anomalous SQL syntax in file uploads or blocks the vulnerable endpoint altogether."], "summary": {"action": "Apply Patch", "impact": "Information Disclosure"}, "threat_synthesis": {"affected_systems": "All installations of the Community Events plugin version 1.5.8 or earlier, used in WordPress sites where the site administrator or a higher\u2011privilege user can upload CSV files via the venue editing interface. Any WordPress installation running these plugin versions is vulnerable as long as the vulnerable code path is reachable.", "description_and_impact": "The Community Events plugin for WordPress contains a SQL injection flaw in the on_save_changes_venues function that processes the ce_venue_name field from a CSV upload. The input is not escaped or prepared, allowing an attacker with Administrator privileges to insert arbitrary SQL fragments into the query. This can be used to read confidential information from the database, such as event details, user data, or other posts, effectively resulting in unauthorized data disclosure. The vulnerability is a classic instance of CWE-89.", "risk_and_exploitability": "The CVSS score of 4.9 reflects moderate severity, and the EPSS score of less than 1% indicates a very low current exploitation probability. The issue is not listed in the CISA KEV catalog, suggesting no widespread exploitation has been reported. An attacker would need to log into the WordPress admin area, upload a crafted CSV file using the plugin\u2019s venue editing feature, and have their SQL payload execute. Because the attack requires authenticated access and a specific plugin feature, the real\u2011world risk is limited to compromised or poorly secured sites where an administrator could be tricked or maliciously used."}}}}, "created": "2026-03-09T10:06:05.243161+00:00", "updated": "2026-04-15T17:00:07.042857+00:00", "vendors": ["jackdewey", "jackdewey$PRODUCT$community_events", "wordpress", "wordpress$PRODUCT$wordpress"]}