PatchSiren

CurlyThemes CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH CurlyThemes CVE published 2026-06-17

CVE-2025-69135

PatchSiren analyzed CVE-2025-69135, a HIGH severity vulnerability in Events Schedule - WordPress Events Calendar Plugin. This SQL Injection issue affects versions up to 2.7.2. The vulnerability allows subscribers to inject malicious SQL, potentially leading to unauthorized data access or modification. Users should review the official advisory and CVE record to validate affected scope, severity, and vendor guidance.