Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:8 a.m.8 views

CVE-2023-6244

The EventON - WordPress Virtual Event Calendar Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.5.4 Pro & 2.2.8 Free. This is due to missing or incorrect nonce validation on the savevirtualeventsettings function. This makes it possibl...

6.5CVSS6.3AI score0.00253EPSS
Exploits0References1
NVD
NVD
added 2024/01/11 3:15 p.m.40 views

CVE-2023-6244

The EventON - WordPress Virtual Event Calendar Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.5.4 Pro & 2.2.8 Free. This is due to missing or incorrect nonce validation on the savevirtualeventsettings function. This makes it possibl...

6.5CVSS6.1AI score0.00253EPSS
Exploits0References3
CVE
CVE
added 2024/01/11 2:32 p.m.47 views

CVE-2023-6244

CVE-2023-6244 describes a Cross-Site Request Forgery in the EventON WordPress plugin (EventON Pro and EventON Lite). The flaw arises from missing or incorrect nonce validation in the save_virtual_event_settings function, allowing unauthenticated attackers to modify virtual event settings via forg...

6.5CVSS5.2AI score0.00253EPSS
Exploits0References3Affected Software2
Patchstack
Patchstack
added 2024/01/10 12:0 a.m.18 views

WordPress EventON Pro Plugin <= 4.5.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software EventON Pro Type Plugin Vulnerable versions = 4.5.4 Fixed in 4.5.5 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-6244 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 5cacf0b27060 Credits Francesco Carlucci...

6.5CVSS6.7AI score0.00253EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/01/10 12:0 a.m.27 views

WordPress EventON Plugin <= 2.2.8 is vulnerable to Cross Site Request Forgery (CSRF)

Software EventON Type Plugin Vulnerable versions = 2.2.8 Fixed in 2.2.9 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-6244 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 8c97e0a9cf60 Credits Francesco Carlucci Required...

6.5CVSS6.6AI score0.00253EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder