3 matches found
CVE-2024-0236
The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve the settings of arbitrary virtual events, including any meeting password set for example for Zoom...
CVE-2024-0236
CVE-2024-0236 affects the WordPress EventON plugin, with unauthenticated access in an AJAX action that allows retrieval of arbitrary virtual-event settings, including meeting passwords (e.g., Zoom). Technical details across connected documents show vulnerable versions: EventON prior to 4.5.5 and ...
CVE-2024-0236 EventON (Free < 2.2.8, Premium < 4.5.5) - Unauthenticated Virtual Event Password Disclosure
The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve the settings of arbitrary virtual events, including any meeting password set for example for Zoom...