63 matches found
CVE-2024-10799 Eventer <= 3.9.7 - Authenticated (Subscriber+) Arbitrary File Read
The Eventer plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.9.7 via the eventerwoodownloadtickets function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbitrary files on the...
CVE-2024-10799 Eventer <= 3.9.7 - Authenticated (Subscriber+) Arbitrary File Read
The Eventer plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.9.7 via the eventerwoodownloadtickets function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbitrary files on the...
WordPress Eventer plugin <= 3.9.7 - Authenticated (Subscriber+) Arbitrary File Read vulnerability
Authenticated Subscriber+ Arbitrary File Read vulnerability discovered by Tonn in WordPress Plugin Eventer versions = 3.9.7...