Lucene search
+L

5 matches found

redhatcve
redhatcve
added 2025/05/23 9:41 a.m.10 views

CVE-2024-1316

The Event Tickets and Registration WordPress plugin before 5.8.1, Events Tickets Plus WordPress plugin before 5.9.1 does not prevent users with at least the contributor role from leaking the existence of certain events they shouldn't have access to. e.g. draft, private, pending review,...

6.5CVSS6.8AI score0.00604EPSS
Exploits2References1
patchstack
patchstack
added 2024/03/05 12:0 a.m.11 views

WordPress Events Tickets Plus Plugin < 5.9.1 is vulnerable to Broken Access Control

Software Events Tickets Plus Type Plugin Vulnerable versions 5.9.1 Fixed in 5.9.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-1316 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 2dfabd1f95ab Credits Scott Kingsley Clark Require...

6.5CVSS6.9AI score0.00604EPSS
Exploits2References3Affected Software1
vulnrichment
vulnrichment
added 2024/03/04 9:0 p.m.13 views

CVE-2024-1316 Event Tickets and Registration < 5.8.1 - Contributor+ Arbitrary Events Access

The Event Tickets and Registration WordPress plugin before 5.8.1, Events Tickets Plus WordPress plugin before 5.9.1 does not prevent users with at least the contributor role from leaking the existence of certain events they shouldn't have access to. e.g. draft, private, pending review,...

7.1AI score0.00604EPSS
Exploits2References1
cve
cve
added 2024/03/04 9:0 p.m.78 views

CVE-2024-1316

The CVE-2024-1316 issue affects the WordPress plugins Event Tickets and Registration (pre-5.8.1) and Events Tickets Plus (pre-5.9.1). Reports across multiple sources identify a vulnerability where users with at least the Contributor role can leak the existence of certain events they should not ac...

6.5CVSS6.4AI score0.00604EPSS
Exploits2References1Affected Software1
cvelist
cvelist
added 2024/03/04 9:0 p.m.34 views

CVE-2024-1316 Event Tickets and Registration < 5.8.1 - Contributor+ Arbitrary Events Access

The Event Tickets and Registration WordPress plugin before 5.8.1, Events Tickets Plus WordPress plugin before 5.9.1 does not prevent users with at least the contributor role from leaking the existence of certain events they shouldn't have access to. e.g. draft, private, pending review,...

6.7AI score0.00604EPSS
Exploits2References1
Rows per page
Query Builder