Lucene search
K

5 matches found

Vulnrichment
Vulnrichment
added 2024/03/04 9:0 p.m.12 views

CVE-2024-1319 Event Tickets Plus < 5.9.1 - Contributor+ Attendees Lists Disclosure

The Events Tickets Plus WordPress plugin before 5.9.1 does not prevent users with at least the contributor role from leaking the attendees list on any post type regardless of status. e.g. draft, private, pending review, password-protected, and trashed posts...

6.5AI score0.00456EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/03/04 9:0 p.m.28 views

CVE-2024-1319 Event Tickets Plus < 5.9.1 - Contributor+ Attendees Lists Disclosure

The Events Tickets Plus WordPress plugin before 5.9.1 does not prevent users with at least the contributor role from leaking the attendees list on any post type regardless of status. e.g. draft, private, pending review, password-protected, and trashed posts...

6.7AI score0.00456EPSS
Exploits2References1
wpexploit
wpexploit
added 2024/02/08 12:0 a.m.139 views

Event Tickets Plus < 5.9.1 - Contributor+ Attendees Lists Disclosure

Description The plugin does not prevent users with at least the contributor role from leaking the attendees list on any post type regardless of status. e.g. draft, private, pending review, password-protected, and trashed posts. 1. ADMIN: Install Event Tickets 2. ADMIN: Install Event Tickets Plus ...

6.8AI score0.00456EPSS
Exploits2
wpexploit
wpexploit
added 2024/02/08 12:0 a.m.152 views

Event Tickets and Registration < 5.8.1 - Contributor+ Arbitrary Events Access

Description The plugin does not prevent users with at least the contributor role from leaking the existence of certain events they shouldn't have access to. e.g. draft, private, pending review, pw-protected, and trashed events. 1. ADMIN: Install Event Tickets 2. ADMIN: Install Event Tickets Plus...

6.8AI score0.00604EPSS
Exploits2
WPVulnDB
WPVulnDB
added 2024/02/08 12:0 a.m.18 views

Event Tickets Plus < 5.9.1 - Contributor+ Attendees Lists Disclosure

Description The plugin does not prevent users with at least the contributor role from leaking the attendees list on any post type regardless of status. e.g. draft, private, pending review, password-protected, and trashed posts. PoC 1. ADMIN: Install Event Tickets 2. ADMIN: Install Event Tickets...

6.3AI score0.00456EPSS
Exploits2Affected Software1
Rows per page
Query Builder