CVE-2024-6180

EventON <= 2.2.15 - Missing Authorization to Unauthenticated Stored Cross-Site Scripting and Plugin Settings Updates

Severity Score

7.2

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Attend

*SSVC

Descriptions

The EventON plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'eventon_import_settings' ajax action in all versions up to, and including, 2.2.15. This makes it possible for unauthenticated attackers to update plugin settings, including adding stored cross-site scripting to settings options displayed on event calendar pages.

El complemento EventON para WordPress es vulnerable a modificaciones no autorizadas de datos debido a una falta de verificación de capacidad en la acción ajax 'eventon_import_settings' en todas las versiones hasta la 2.2.15 incluida. Esto hace posible que atacantes no autenticados actualicen la configuración del complemento, incluida la adición de Cross Site Scripting almacenado a las opciones de configuración que se muestran en las páginas del calendario de eventos.

*Credits: Lucio Sá

CVSS Scores

Wordfencev3.1 7.2

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

Low

Integrity

Low

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:Attend

Exploitation

None

Automatable

Yes

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-06-19 CVE Reserved
2024-07-08 CVE Published
2024-07-10 EPSS Updated
2024-08-01 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-862: Missing Authorization

CAPEC

References (3)

URL	Tag	Source
https://plugins.trac.wordpress.org/browser/eventon-lite/trunk/assets/js/admin/wp_admin.js#L714
https://plugins.trac.wordpress.org/browser/eventon-lite/trunk/includes/calendar/class-calendar-event-structure.php#L590
https://www.wordfence.com/threat-intel/vulnerabilities/id/12f3dc64-322d-4015-8c57-eaa41c9a1829?source=cve

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Ashanjay Search vendor "Ashanjay"		EventON Search vendor "Ashanjay" for product "EventON"				<= 2.2.15 Search vendor "Ashanjay" for product "EventON" and version " <= 2.2.15"		en		Affected