4 matches found
CVE-2024-6033
The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to unauthorized data importation due to a missing capability check on the 'importfile' function in all versions up to, and including, 4.0.4. This makes it possible for authenticated attackers,...
CVE-2024-6033 Event Manager, Events Calendar, Tickets, Registrations – Eventin <= 4.0.4 - Missing Authorization to Authenticated (Contributor+) Event Data Import
The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to unauthorized data importation due to a missing capability check on the 'importfile' function in all versions up to, and including, 4.0.4. This makes it possible for authenticated attackers,...
CVE-2024-6033 Event Manager, Events Calendar, Tickets, Registrations – Eventin <= 4.0.4 - Missing Authorization to Authenticated (Contributor+) Event Data Import
The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to unauthorized data importation due to a missing capability check on the 'importfile' function in all versions up to, and including, 4.0.4. This makes it possible for authenticated attackers,...
WordPress Eventin Plugin <= 4.0.4 is vulnerable to Broken Access Control
Software Eventin Type Plugin Vulnerable versions = 4.0.4 Fixed in 4.0.5 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-6033 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 7a6bb73df9d9 Credits Peter Thaleikis Required privilege...