Lucene search
HistoryJun 14, 2024 - 6:15 a.m.
CVE-2024-1295
wordpress
security
vulnerability
events calendar
The events-calendar-pro WordPress plugin before 6.4.0.1, The Events Calendar WordPress plugin before 6.4.0.1 does not prevent users with at least the contributor role from leaking details about events they shouldn’t have access to. (e.g. password-protected events, drafts, etc.)
Affected configurations
Node
google_calendar_events_projectgoogle_calendar_eventsRange<6.4.0.1
coolpluginsevents_search_for_the_events_calendarRange<6.4.0.1
CNA Affected
[
{
"vendor": "Unknown",
"product": "events-calendar-pro",
"versions": [
{
"status": "affected",
"versionType": "semver",
"version": "0",
"lessThan": "6.4.0.1"
}
],
"defaultStatus": "unaffected"
},
{
"vendor": "Unknown",
"product": "The Events Calendar",
"versions": [
{
"status": "affected",
"versionType": "semver",
"version": "0",
"lessThan": "6.4.0.1"
}
],
"defaultStatus": "unaffected"
}
]Related
wpvulndb
wpvulndb
nvd
nvd
CVE-2024-1295
2024-06-14 06:15:10
cvelist
cvelist
wpexploit
wpexploit
wordfence
wordfence