Lucene search
K

4 matches found

Patchstack
Patchstack
added 2024/02/12 12:0 a.m.12 views

WordPress Eventin Plugin <= 3.3.50 is vulnerable to Broken Access Control

Software Eventin Type Plugin Vulnerable versions = 3.3.50 Fixed in 3.3.51 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1122 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID a2c7fec8c772 Credits Francesco Carlucci Required privileg...

5.3CVSS6.5AI score0.00471EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2024/02/09 5:15 a.m.26 views

CVE-2024-1122

The Event Manager, Events Calendar, Events Tickets for WooCommerce – Eventin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the exportdata function in all versions up to, and including, 3.3.50. This makes it possible for unauthenticated...

5.3CVSS5.1AI score0.00471EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/02/09 4:31 a.m.34 views

CVE-2024-1122 Event Manager, Events Calendar, Events Tickets for WooCommerce – Eventin <= 3.3.50 - Missing Authorization to Unauthenticated Events Export

The Event Manager, Events Calendar, Events Tickets for WooCommerce – Eventin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the exportdata function in all versions up to, and including, 3.3.50. This makes it possible for unauthenticated...

5.3CVSS5.4AI score0.00471EPSS
Exploits0References2
CVE
CVE
added 2024/02/09 4:31 a.m.51 views

CVE-2024-1122

The WordPress plugin set for Eventin (Event Manager, Events Calendar, Events Tickets for WooCommerce) is vulnerable to Broken Access Control due to a missing capability check in the export_data() function. All versions up to and including 3.3.50 allow unauthenticated attackers to export event dat...

5.3CVSS6AI score0.00471EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder