CVE-2023-3219 – EventON < 2.1.2 - Unauthenticated Post Access via IDOR
https://notcve.org/view.php?id=CVE-2023-3219
The EventON WordPress plugin before 2.1.2 does not validate that the event_id parameter in its eventon_ics_download AJAX action is a valid Event, allowing unauthenticated visitors to access the content of any Post (including unpublished or protected posts) via the ICS export functionality by providing the numeric id of the post.
The EventON plugin for WordPress is vulnerable to an Insecure Direct Object Reference in versions up to, and including, 7.5.4. This is due to improper validation and authorization checks affecting the eventon_ics_download AJAX action. This makes it possible for unauthenticated attackers to view arbitrary posts (e.g., unpublished or protected) via the ICS export feature.
WordPress EventON Calendar plugin version 4.4 suffers from an insecure direct object reference vulnerability related to posts.
References:
https://www.exploit-db.com/exploits/51659
http://packetstormsecurity.com/files/173992/WordPress-EventON-Calendar-4.4-Insecure-Direct-Object-Reference.html
https://wpscan.com/vulnerability/72d80887-0270-4987-9739-95b1a178c1fd
Weakness: CWE-639: Authorization Bypass Through User-Controlled Key
CVE-2023-2796 – EventON < 2.1.2 - Unauthenticated Event Access
https://notcve.org/view.php?id=CVE-2023-2796
The EventON WordPress plugin before 2.1.2 lacks authentication and authorization in its eventon_ics_download AJAX action, allowing unauthenticated visitors to access private and password-protected Events by guessing their numeric id.
The EventON plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the eventon_ics_download function in versions up to, and including, 2.1. This makes it possible for unauthenticated attackers to view private or protected events.
WordPress EventON Calendar plugin version 4.4 suffers from an insecure direct object reference vulnerability.
References:
https://www.exploit-db.com/exploits/51658
http://packetstormsecurity.com/files/173984/WordPress-EventON-Calendar-4.4-Insecure-Direct-Object-Reference.html
https://wpscan.com/vulnerability/e9ef793c-e5a3-4c55-beee-56b0909f7a0d
Weakness: CWE-862: Missing Authorization
CVE-2020-29395 – EventON <= 3.0.5 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2020-29395
The EventON plugin through 3.0.5 for WordPress allows XSS via the search field on addons/?q=.
The EventON plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 3.0.5. This is due to insufficient escaping and sanitization of the q= parameter.
References:
https://www.exploit-db.com/exploits/49130
http://packetstormsecurity.com/files/160282/WordPress-EventON-Calendar-3.0.5-Cross-Site-Scripting.html
https://github.com/mustgundogdu/Research/tree/main/EventON_PLUGIN_XSS
https://www.myeventon.com/news
Weakness: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')