5 matches found
CVE-2024-0237
The EventON WordPress plugin through 4.5.8, EventON WordPress plugin before 2.2.7 do not have authorisation in some AJAX actions, allowing unauthenticated users to update virtual events settings, such as meeting URL, moderator, access details etc...
CVE-2024-0237
creationtimestamp| type| source ---|---|--- 2024-02-06 13:16:14+00:00| seen| https://t.me/ctinow/179964...
CVE-2024-0237 EventON (Free < 2.2.9, Premium <= 4.5.8) - Unauthenticated Virtual Event Settings Update
The EventON WordPress plugin through 4.5.8, EventON WordPress plugin before 2.2.7 do not have authorisation in some AJAX actions, allowing unauthenticated users to update virtual events settings, such as meeting URL, moderator, access details etc...
CVE-2024-0237 EventON (Free < 2.2.9, Premium <= 4.5.8) - Unauthenticated Virtual Event Settings Update
The EventON WordPress plugin through 4.5.8, EventON WordPress plugin before 2.2.7 do not have authorisation in some AJAX actions, allowing unauthenticated users to update virtual events settings, such as meeting URL, moderator, access details etc...
CVE-2024-0237
The CVE-2024-0237 issue affects the EventON WordPress plugin, with unauthenticated updates to virtual event settings via certain AJAX actions. Concrete details across sources indicate: Affected software: EventON WordPress plugin versions prior to 4.5.9 (and, per other entries, 4.5.8) and EventON ...