Lucene search
WPScanCVELIST:CVE-2024-1319HistoryMar 04, 2024 - 9:00 p.m.
CVE-2024-1319 Event Tickets Plus < 5.9.1 - Contributor+ Attendees Lists Disclosure
2024-03-0421:00:09
WPScan
www.cve.org
cve-2024-1319
event tickets plus
wordpress
plugin
attendees list
contributor role
security disclosure
The Events Tickets Plus WordPress plugin before 5.9.1 does not prevent users with at least the contributor role from leaking the attendees list on any post type regardless of status. (e.g. draft, private, pending review, password-protected, and trashed posts).
CNA Affected
[
{
"vendor": "Unknown",
"product": "Events Tickets Plus",
"versions": [
{
"status": "affected",
"versionType": "semver",
"version": "0",
"lessThan": "5.9.1"
}
],
"defaultStatus": "unaffected"
}
]Related
cve
cve
CVE-2024-1319
2024-03-04 21:15:07
nvd
nvd
CVE-2024-1319
2024-03-04 21:15:07
wpexploit
wpexploit
Event Tickets Plus < 5.9.1 - Contributor+ Attendees Lists Disclosure
2024-02-08 00:00:00
wpvulndb
wpvulndb
Event Tickets Plus < 5.9.1 - Contributor+ Attendees Lists Disclosure
2024-02-08 00:00:00
prion
prion
Default credentials
2024-03-04 21:15:00