5 matches found
WordPress Event Calendar plugin <= 1.0.4 - Unauthenticated Arbitrary Calendar Deletion vulnerability
Unauthenticated Arbitrary Calendar Deletion vulnerability discovered by Bob Matyas in WordPress Plugin Event Calendar versions = 1.0.4...
CVE-2024-8700
The Event Calendar WordPress plugin through 1.0.4 does not check for authorization on delete actions, allowing unauthenticated users to delete arbitrary calendars...
CVE-2024-8700 Event Calendar <= 1.0.4 - Unauthenticated Arbitrary Calendar Deletion
The Event Calendar WordPress plugin through 1.0.4 does not check for authorization on delete actions, allowing unauthenticated users to delete arbitrary calendars...
CVE-2024-8700
CVE-2024-8700 affects the WordPress plugin Event Calendar (versions up to 1.0.4). The issue is lack of authorization checks on delete actions, allowing unauthenticated users to delete calendars. The connected sources confirm the vulnerability exists but do not provide a fixed version or patch det...
CVE-2024-8700 Event Calendar <= 1.0.4 - Unauthenticated Arbitrary Calendar Deletion
The Event Calendar WordPress plugin through 1.0.4 does not check for authorization on delete actions, allowing unauthenticated users to delete arbitrary calendars...