2 matches found
CVE-2024-43138
CVE-2024-43138 affects Event Manager and Tickets Selling Plugin for WooCommerce (Mage Event/ WPEvently) up to 4.2.1. It is an authenticated Local File Inclusion (LFI) due to improper path handling, enabling access to restricted files. The Wordfence vulnerability listing notes it as Authenticated ...
WordPress Event Manager for WooCommerce Plugin <= 4.2.1 is vulnerable to Local File Inclusion
Software Event Manager for WooCommerce Type Plugin Vulnerable versions = 4.2.1 Fixed in 4.2.2 OWASP Top 10 A1: Broken Access Control Classification Local File Inclusion CVE CVE-2024-43138 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 721149c5cd33 Credits João Pedro S...