History: Jun 14, 2024 - 6:00 a.m.

CVE-2024-1295 The Events Calendar (Free < 6.4.0.1, Pro < 6.4.0.1) - Contributor+ Arbitrary Events Access

2024-06-14 06:00:02
WPScan
github.com
cve-2024-1295
events calendar
wordpress plugin
arbitrary events access
contributor role

AI Score: 7
Confidence: High

EPSS: 0.001
Percentile: 18.7%

SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial

The events-calendar-pro WordPress plugin before 6.4.0.1 and The Events Calendar WordPress plugin before 6.4.0.1 do not prevent users with at least the contributor role from leaking details about events they shouldn’t have access to (e.g. password-protected events, drafts, etc.).

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:theeventscalendar:the_events_calendar:*:*:*:*:*:*:*:*"
    ],
    "vendor": "theeventscalendar",
    "product": "the_events_calendar",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "6.4.0.1",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "cpes": [
      "cpe:2.3:a:theeventscalendar:events_calendar_pro:*:*:*:*:*:*:*:*"
    ],
    "vendor": "theeventscalendar",
    "product": "events_calendar_pro",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "6.4.0.1",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]
