Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:58 a.m.12 views

CVE-2023-6158

The EventON - WordPress Virtual Event Calendar Plugin plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the evoeventpostupdatemeta function in all versions up to, and including, 4.5.4 for Pro and 2.2.7 for free. This make...

6.5CVSS7AI score0.00566EPSS
Exploits0References1
NVD
NVD
added 2024/01/10 3:15 p.m.25 views

CVE-2023-6158

The EventON - WordPress Virtual Event Calendar Plugin plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the evoeventpostupdatemeta function in all versions up to, and including, 4.5.4 for Pro and 2.2.7 for free. This make...

6.5CVSS6.6AI score0.00566EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/01/10 2:32 p.m.40 views

CVE-2023-6158 EventON - WordPress Virtual Event Calendar Plugin Pro <= 4.5.4 & Free <= 2.2.7 - Missing Authorization to Arbitrary Post Meta Update via evo_eventpost_update_meta

The EventON - WordPress Virtual Event Calendar Plugin plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the evoeventpostupdatemeta function in all versions up to, and including, 4.5.4 for Pro and 2.2.7 for free. This make...

6.5CVSS6.8AI score0.00566EPSS
Exploits0References3
CVE
CVE
added 2024/01/10 2:32 p.m.46 views

CVE-2023-6158

CVE-2023-6158 (EventON WordPress Plugin) : The vulnerability arises from a missing capability check in evo_eventpost_update_meta, allowing unauthenticated attackers to update and remove arbitrary post metadata. Affected are EventON Pro (versions &lt;= 4.5.4) and EventON (free) (versions

6.5CVSS6.8AI score0.00566EPSS
Exploits0References3Affected Software2
Patchstack
Patchstack
added 2024/01/10 12:0 a.m.18 views

WordPress EventON Plugin <= 2.2.7 is vulnerable to Broken Access Control

Software EventON Type Plugin Vulnerable versions = 2.2.7 Fixed in 2.2.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-6158 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 05f91c2608b0 Credits Francesco Carlucci Required privilege...

6.5CVSS6.6AI score0.00566EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/01/10 12:0 a.m.15 views

WordPress EventON Pro Plugin <= 4.5.4 is vulnerable to Broken Access Control

Software EventON Pro Type Plugin Vulnerable versions = 4.5.4 Fixed in 4.5.5 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-6158 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID b43943b2a15f Credits Francesco Carlucci Required...

6.5CVSS6.5AI score0.00566EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder