Lucene search
K

5 matches found

Cvelist
Cvelist
added 2024/06/14 6:0 a.m.43 views

CVE-2024-1295 The Events Calendar (Free < 6.4.0.1, Pro < 6.4.0.1) - Contributor+ Arbitrary Events Access

The events-calendar-pro WordPress plugin before 6.4.0.1, The Events Calendar WordPress plugin before 6.4.0.1 does not prevent users with at least the contributor role from leaking details about events they shouldn't have access to. e.g. password-protected events, drafts, etc...

0.00464EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2024/06/14 6:0 a.m.29 views

CVE-2024-1295 The Events Calendar (Free < 6.4.0.1, Pro < 6.4.0.1) - Contributor+ Arbitrary Events Access

The events-calendar-pro WordPress plugin before 6.4.0.1, The Events Calendar WordPress plugin before 6.4.0.1 does not prevent users with at least the contributor role from leaking details about events they shouldn't have access to. e.g. password-protected events, drafts, etc...

7AI score0.00464EPSS
Exploits2References1
Patchstack
Patchstack
added 2024/05/24 11:21 a.m.4 views

WordPress The Events Calendar < 6.4.0.1 - Authenticated (Contributor+) Arbitrary Events Access vulnerability

Authenticated Contributor+ Arbitrary Events Access vulnerability discovered by Scott Kingsley Clark in WordPress Plugin The Events Calendar versions 6.4.0.1...

6.5CVSS7AI score0.00464EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2024/03/04 9:0 p.m.25 views

CVE-2024-1316 Event Tickets and Registration < 5.8.1 - Contributor+ Arbitrary Events Access

The Event Tickets and Registration WordPress plugin before 5.8.1, Events Tickets Plus WordPress plugin before 5.9.1 does not prevent users with at least the contributor role from leaking the existence of certain events they shouldn't have access to. e.g. draft, private, pending review,...

6.7AI score0.00604EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2024/03/04 9:0 p.m.13 views

CVE-2024-1316 Event Tickets and Registration < 5.8.1 - Contributor+ Arbitrary Events Access

The Event Tickets and Registration WordPress plugin before 5.8.1, Events Tickets Plus WordPress plugin before 5.9.1 does not prevent users with at least the contributor role from leaking the existence of certain events they shouldn't have access to. e.g. draft, private, pending review,...

7.1AI score0.00604EPSS
Exploits2References1
Rows per page
Query Builder