Lucene search
WPScanCVELIST:CVE-2024-1316HistoryMar 04, 2024 - 9:00 p.m.
CVE-2024-1316 Event Tickets and Registration < 5.8.1 - Contributor+ Arbitrary Events Access
2024-03-0421:00:09
WPScan
www.cve.org
1
cve-2024-1316
wordpress plugin
arbitrary events access
The Event Tickets and Registration WordPress plugin before 5.8.1, Events Tickets Plus WordPress plugin before 5.9.1 does not prevent users with at least the contributor role from leaking the existence of certain events they shouldn’t have access to. (e.g. draft, private, pending review, pw-protected, and trashed events).
CNA Affected
[
{
"vendor": "Unknown",
"product": "Event Tickets and Registration",
"versions": [
{
"status": "affected",
"versionType": "semver",
"version": "0",
"lessThan": "5.8.1"
}
],
"defaultStatus": "unaffected",
"collectionURL": "https://wordpress.org/plugins"
},
{
"vendor": "Unknown",
"product": "Events Tickets Plus",
"versions": [
{
"status": "affected",
"versionType": "semver",
"version": "0",
"lessThan": "5.9.1"
}
],
"defaultStatus": "unaffected"
}
]Related
nvd
nvd
CVE-2024-1316
2024-03-04 21:15:07
wpexploit
wpexploit
wpvulndb
wpvulndb
cve
cve
CVE-2024-1316
2024-03-04 21:15:07
prion
prion
Code injection
2024-03-04 21:15:00