
CVSS: 7.5 | EPSS: 0% | CPEs: 1 | EXPL: 0

alf.io is an open source ticket reservation system for conferences, trade shows, workshops, and meetups. Prior to version 2.0-M5, a race condition allows a user to bypass the limit on the number of times a promo code may be used and redeem the discount coupon multiple times. In alf.io, an event organizer can apply price discounts to their events by means of promo codes and can cap how many times each code may be redeemed, but the time gap between checking the current usage count and recording the new use lets a threat actor submitting concurrent requests exceed the promo code limit. Version 2.0-M5 fixes this issue. • https://github.com/alfio-event/alf.io/commit/53b3309e26e8acec6860d1e045df3046153a3245 https://github.com/alfio-event/alf.io/security/advisories/GHSA-67jg-m6f3-473g • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
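The check-then-act window described above, as an added example that is not alf.io's code: the store, the code name "EARLYBIRD" and the redeem functions are constructed stand-ins for the database table and the request handler. The vulnerable path reads the usage count, and only afterwards records the use; the fixed path folds the limit check into the write, the way a conditional UPDATE with an affected-row check does. A barrier makes every worker finish its check before any of them writes, so the race is reproduced deterministically rather than by luck of timing.

```python
"""Check-then-act race on a promo-code usage limit (CWE-362) and its atomic fix.

Constructed illustration, not alf.io's code. An in-memory store stands in for
the table that records how often each promo code has been redeemed, and a
threading.Barrier forces every worker to finish its limit check before any of
them records a use, so the race is deterministic rather than timing-dependent.
"""
import threading
from typing import Callable


class PromoStore:
    """Stands in for the promo_code table: per-code usage cap and usage count."""

    def __init__(self, limits: dict[str, int]) -> None:
        self.limits = limits
        self.used = {code: 0 for code in limits}
        self._lock = threading.Lock()  # plays the role of the database's row lock

    def get_used(self, code: str) -> int:
        # A plain SELECT: nothing stops another request from updating the row
        # between this read and a later write.
        return self.used[code]

    def increment(self, code: str) -> None:
        # Unconditional UPDATE ... SET used = used + 1.
        with self._lock:
            self.used[code] += 1

    def increment_if_below_limit(self, code: str) -> bool:
        # Equivalent of UPDATE ... SET used = used + 1 WHERE code = ? AND used < max_usage
        # followed by checking the affected-row count: check and act in one atomic step.
        with self._lock:
            if self.used[code] < self.limits[code]:
                self.used[code] += 1
                return True
            return False


def redeem_vulnerable(store: PromoStore, code: str, sync: Callable[[], object]) -> bool:
    """Time-of-check/time-of-use: the limit check and the increment are separate steps."""
    if store.get_used(code) < store.limits[code]:  # check
        sync()                                      # window in which other requests race
        store.increment(code)                       # act
        return True
    return False


def redeem_fixed(store: PromoStore, code: str, sync: Callable[[], object]) -> bool:
    """The conditional update decides and records the redemption atomically."""
    sync()  # concurrent requests arrive together; the store still enforces the cap
    return store.increment_if_below_limit(code)


def run_concurrent(redeem: Callable[..., bool], limit: int, workers: int) -> int:
    """Run `workers` simultaneous redemptions of one code capped at `limit`
    and return how many of them succeeded."""
    store = PromoStore({"EARLYBIRD": limit})
    barrier = threading.Barrier(workers)
    results: list[bool] = []
    results_lock = threading.Lock()

    def worker() -> None:
        ok = redeem(store, "EARLYBIRD", barrier.wait)
        with results_lock:
            results.append(ok)

    threads = [threading.Thread(target=worker) for _ in range(workers)]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return sum(results)


if __name__ == "__main__":
    # A single-use code redeemed by 8 simultaneous requests: 8 successes vs 1.
    print("vulnerable:", run_concurrent(redeem_vulnerable, limit=1, workers=8))
    print("fixed:     ", run_concurrent(redeem_fixed, limit=1, workers=8))
```

The point to take from the fixed path is that the limit is enforced by the same operation that records the use. Moving the check into a transaction alone is not enough unless the isolation level or an explicit row lock prevents two transactions from both reading the old count; a conditional UPDATE whose affected-row count decides success sidesteps that question.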

CVSS: 6.5 | EPSS: 0% | CPEs: 1 | EXPL: 0

alf.io is an open source ticket reservation system for conferences, trade shows, workshops, and meetups. Prior to version 2.0-M5, data preloaded into the page as JSON is not escaped correctly, so an administrator or event administrator could break their own installation by inserting text that is not properly escaped. The Content-Security-Policy directive blocks any potential script execution. Administrators and event administrators can override the displayed texts for customization purposes, and those texts are not properly escaped before being embedded. • https://github.com/alfio-event/alf.io/commit/e7131c588f4ac31067a41d0e31e6a6a721b2ff4b https://github.com/alfio-event/alf.io/security/advisories/GHSA-mcx6-25f8-8rqw • CWE-116: Improper Encoding or Escaping of Output •
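Why unescaped JSON embedded in a page breaks it, as an added example that is not alf.io's code (the template, the override texts and the function names are constructed): the HTML parser knows nothing about JSON string escaping, so a customized text containing `</script>` ends the inline script element early and the rest of the JSON spills into the document. Emitting `<`, `>` and `&` as JSON `\uXXXX` escapes keeps the payload valid JSON for `JSON.parse` while giving the HTML parser nothing to act on.

```python
"""Embedding server-side JSON in an inline <script> safely (CWE-116).

Constructed illustration, not alf.io's code. Inside a <script> element the
HTML parser only looks for the literal sequence "</script", so any string
value containing it terminates the script early and the remainder of the
JSON lands in the document as markup.
"""
import json

# Constructed sample: an event admin overrides UI texts, one of them malformed.
OVERRIDES = {
    "title": "Earlybird tickets",
    "footer": "</script><h1>broken page</h1><script>",
    "note": "Terms & conditions <apply>",
}

HTML_TEMPLATE = """<html><body>
<div id="app"></div>
<script>window.PRELOADED = {payload};</script>
<script src="/app.js"></script>
</body></html>"""


def embed_naive(data: dict) -> str:
    """Vulnerable: json.dumps leaves '<', '>' and '&' intact in string values."""
    return HTML_TEMPLATE.format(payload=json.dumps(data))


def json_for_html(data: dict) -> str:
    """Serialize to JSON, then replace the characters the HTML parser acts on
    with JSON unicode escapes. JSON.parse turns them back into the original
    characters, but the script body never contains a literal '<', '>' or '&'.
    json.dumps' default ensure_ascii=True already escapes non-ASCII characters,
    including U+2028/U+2029, which would otherwise end a JS string literal."""
    return (
        json.dumps(data)
        .replace("<", "\\u003c")
        .replace(">", "\\u003e")
        .replace("&", "\\u0026")
    )


def embed_safe(data: dict) -> str:
    """Hardened: the escaped JSON can be dropped into the template verbatim."""
    return HTML_TEMPLATE.format(payload=json_for_html(data))


def count_script_closers(html: str) -> int:
    """Number of '</script>' tags in the page; the template alone has exactly two."""
    return html.lower().count("</script>")


def roundtrip(data: dict) -> dict:
    """The escaped payload is still plain JSON carrying the original values."""
    return json.loads(json_for_html(data))


if __name__ == "__main__":
    print("naive  </script> count:", count_script_closers(embed_naive(OVERRIDES)))  # 3
    print("escaped </script> count:", count_script_closers(embed_safe(OVERRIDES)))  # 2
    print("roundtrip intact:", roundtrip(OVERRIDES) == OVERRIDES)
```

This is the same transformation that template engines apply in their JSON-for-HTML filters; the page's CSP turns the worst case from script execution into a broken page, but the encoding step is what removes the bug rather than containing it.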

CVSS: 4.3 | EPSS: 0% | CPEs: 1 | EXPL: 0

The Event Espresso 4 Decaf – Event Registration Event Ticketing plugin for WordPress is vulnerable to limited unauthorized modification of plugin settings due to a missing capability check on the saveTimezoneString function and some other functions in all versions up to, and including, 5.0.22.decaf; the entry also lists versions up to and including 4.10.46.decaf, the release the referenced source line belongs to. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify some of the plugin settings. • https://plugins.trac.wordpress.org/browser/event-espresso-decaf/tags/4.10.46.decaf/admin_pages/events/Events_Admin_Page.core.php#L2800 https://www.wordfence.com/threat-intel/vulnerabilities/id/689abb68-0c19-4f89-91db-fd15ab8bca8e?source=cve • CWE-862: Missing Authorization •

CVSS: 4.4 | EPSS: 0% | CPEs: 1 | EXPL: 0

The Event Tickets with Ticket Scanner plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.3.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.3 | EPSS: 0% | CPEs: 1 | EXPL: 0

The EventPrime plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the calendar_event_create() function in versions up to, and including, 4.0.3.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to create calendar events. • CWE-862: Missing Authorization •