PatchSiren cyber security CVE debrief
CVE-2024-32110 Magepeople inc. CVE debrief
A Cross-Site Request Forgery (CSRF) vulnerability was discovered in the WpEvently plugin, affecting versions from n/a through 4.1.2. This vulnerability has been assigned a CVSS score of 4.3, indicating a medium severity level.
- Vendor
- Magepeople inc.
- Product
- WpEvently
- CVSS
- MEDIUM 4.3
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-11
- Original CVE updated
- 2026-06-11
- Advisory published
- 2026-06-11
- Advisory updated
- 2026-06-11
Who should care
Users of the WpEvently plugin, particularly those using versions from n/a through 4.1.2, should be aware of this vulnerability and take necessary actions to mitigate the risk.
Technical summary
The CVE-2024-32110 vulnerability is a Cross-Site Request Forgery (CSRF) issue in the WpEvently plugin. The Common Vulnerability Scoring System (CVSS) score for this vulnerability is 4.3, with a vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N. The weakness associated with this vulnerability is CWE-352.
Defensive priority
This vulnerability has a medium severity level, and users should prioritize patching or mitigating the issue as soon as possible.
Recommended defensive actions
- Update the WpEvently plugin to a version that is not vulnerable.
- Implement additional security measures to detect and prevent CSRF attacks.
Evidence notes
The CVE-2024-32110 vulnerability was discovered and reported by Patchstack. The vulnerability is publicly known and has been documented in various sources, including the National Vulnerability Database (NVD).
Official resources
-
CVE-2024-32110 CVE record
CVE.org
-
CVE-2024-32110 NVD detail
NVD
-
Source item URL
nvd_modified
- Mitigation or vendor reference
CVE-2024-32110 was published on 2026-06-11T09:16:25.400Z and modified on 2026-06-11T14:42:47.007Z.