5 matches found
CVE-2024-1123
The EventPrime – Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the savefrontendeventsubmission function in all versions up to, and including, 3.4.2. This makes it possible for authenticated...
WordPress EventPrime Plugin <= 3.4.2 is vulnerable to Broken Access Control
Software EventPrime Type Plugin Vulnerable versions = 3.4.2 Fixed in 3.4.3 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1123 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID c2164132e177 Credits Lucio Sá Required privilege...
CVE-2024-1123
creationtimestamp| type| source ---|---|--- 2024-03-09 08:26:42+00:00| seen| https://t.me/ctinow/203812 2024-03-09 08:26:50+00:00| seen| https://t.me/ctinow/203818...
CVE-2024-1123
CVE-2024-1123 concerns the EventPrime – Events Calendar, Bookings and Tickets WordPress plugin. The vulnerability is a missing capability check in save_frontend_event_submission() across versions up to and including 3.4.2, enabling unauthorized data modification. Exploitation requires subscriber-...
CVE-2024-1123 EventPrime – Events Calendar, Bookings and Tickets <= 3.4.2 - Missing Authorization to Arbitrary Post Overwrite
The EventPrime – Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the savefrontendeventsubmission function in all versions up to, and including, 3.4.2. This makes it possible for authenticated...