Vulners
Lucene search
CVE-2021-24146
๐๏ธย 18 Mar 2021ย 14:57:50Reported byย WPScanTypeย 
ย cve๐ย web.nvd.nist.gov๐ฐ๏ธย 4ย Media mentions๐ย 133ย Views๐ WEB
| Reporter | Title | Published | Views | Family All 13 |
|---|---|---|---|---|
 | Wordpress Modern Events Calendar 5.16.2 Plugin - Event export (Unauthenticated) Exploit | 2 Jul 202100:00 | โ | zdt |
 | CVE-2021-24146 | 18 Mar 202117:32 | โ | circl |
 | Wordpress Modern Events Calendar Lite ่ฎฟ้ฎๆงๅถ้่ฏฏๆผๆด | 18 Mar 202100:00 | โ | cnnvd |
 | CVE-2021-24146 Modern Events Calendar Lite < 5.16.5 - Unauthenticated Events Export | 18 Mar 202114:57 | โ | cvelist |
 | Wordpress Plugin Modern Events Calendar 5.16.2 - Event export (Unauthenticated) | 2 Jul 202100:00 | โ | exploitdb |
 | WordPress Modern Events Calendar Lite <5.16.5 - Sensitive Information Disclosure | 27 Jun 202603:01 | โ | nuclei |
 | CVE-2021-24146 | 18 Mar 202115:15 | โ | nvd |
 | WordPress Modern Events Calendar 5.16.2 Information Disclosure | 2 Jul 202100:00 | โ | packetstorm |
 | Format string | 18 Mar 202115:15 | โ | prion |
 | PT-2021-15692 ยท WordPress ยท Modern Events Calendar Lite | 18 Mar 202100:00 | โ | ptsecurity |
10
Node
[
{
"product": "Modern Events Calendar Lite",
"vendor": "Unknown",
"versions": [
{
"lessThan": "5.16.5",
"status": "affected",
"version": "5.16.5",
"versionType": "custom"
}
]
}
]| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| format | query param | /wp-admin/admin.php?page=MEC-ix&tab=MEC-export&mec-ix-action=export-events&format=csv | Unauthenticated access to export endpoint allows exporting all events data in CSV format | CWE-862,ย CWE-284 |
| page | query param | /wp-admin/admin.php?page=MEC-ix&tab=MEC-export&mec-ix-action=export-events&format=csv | Unauthenticated access to export endpoint allows exporting all events data in CSV format | CWE-862,ย CWE-284 |
| tab | query param | /wp-admin/admin.php?page=MEC-ix&tab=MEC-export&mec-ix-action=export-events&format=csv | Unauthenticated access to export endpoint allows exporting all events data in CSV format | CWE-862,ย CWE-284 |
| mec-ix-action | query param | /wp-admin/admin.php?page=MEC-ix&tab=MEC-export&mec-ix-action=export-events&format=csv | Unauthenticated access to export endpoint allows exporting all events data in CSV format | CWE-862,ย CWE-284 |
| format | query param | /wp-admin/admin.php?page=MEC-ix&tab=MEC-export&mec-ix-action=export-events&format=xml | Unauthenticated access to export endpoint allows exporting all events data in XML format | CWE-862,ย CWE-284 |
| page | query param | /wp-admin/admin.php?page=MEC-ix&tab=MEC-export&mec-ix-action=export-events&format=xml | Unauthenticated access to export endpoint allows exporting all events data in XML format | CWE-862,ย CWE-284 |
| tab | query param | /wp-admin/admin.php?page=MEC-ix&tab=MEC-export&mec-ix-action=export-events&format=xml | Unauthenticated access to export endpoint allows exporting all events data in XML format | CWE-862,ย CWE-284 |
| mec-ix-action | query param | /wp-admin/admin.php?page=MEC-ix&tab=MEC-export&mec-ix-action=export-events&format=xml | Unauthenticated access to export endpoint allows exporting all events data in XML format | CWE-862,ย CWE-284 |
Data
Build on a solid foundation withย Vulners data
Weย provide theย essential building blocks forย cybersecurity solutions withย comprehensive, structured, andย constantly updated vulnerability andย exploits data
Api
Power your application withย Vulners API
The Vulners REST API offers reliable, high-performance access toย vulnerabilityย intelligence, withย 99.9%ย SLAย uptime andย CDN-backed data delivery forย seamlessย global access
App
Assess and manage vulnerabilities withย Vulnersย tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
17 Jun 2026 03:39Current
7.5High risk
Vulners AI Score7.5
CVSS 25
CVSS 3.17.5
EPSS0.31043