3 matches found
CVE-2024-8369 EventPrime <= 4.0.4.3 - Missing Authorization to Unauthenticated Private or Password-Protected Events Disclosure
The EventPrime – Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to unauthorized access to Private or Password-protected events due to missing authorization checks in all versions up to, and including, 4.0.4.3. This makes it possible for unauthenticated attackers to view...
CVE-2024-8369 EventPrime <= 4.0.4.3 - Missing Authorization to Unauthenticated Private or Password-Protected Events Disclosure
The EventPrime – Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to unauthorized access to Private or Password-protected events due to missing authorization checks in all versions up to, and including, 4.0.4.3. This makes it possible for unauthenticated attackers to view...
WordPress EventPrime Plugin <= 4.0.4.3 is vulnerable to Broken Access Control
Software EventPrime Type Plugin Vulnerable versions = 4.0.4.3 Fixed in 4.0.4.4 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-8369 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID b15b481a5c2e Credits Miguel Santareno Required...