Published: 10/07/2023 Updated: 07/11/2023

CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9

VMScore: 0

The EventON WordPress plugin prior to 2.1.2 lacks authentication and authorization in its eventon_ics_download ajax action, allowing unauthenticated visitors to access private and password protected Events by guessing their numeric id.

Vulnerable Product	Search on Vulmon	Subscribe to Product
myeventon eventon

WordPress EventON Calendar plugin version 44 suffers from an insecure direct object reference vulnerability ...

Shodan Dorks

Shodan dorks Description: This GitHub repository provides a range of search queries, known as "dorks," for Shodan, a powerful tool used to search for Internet-connected devices The dorks are designed to help security researchers discover potential vulnerabilities and configuration issues in various types of devices such as webcams, routers, and servers This resou

CWE-862 https://wpscan.com/vulnerability/e9ef793c-e5a3-4c55-beee-56b0909f7a0d http://packetstormsecurity.com/files/173984/WordPress-EventON-Calendar-4.4-Insecure-Direct-Object-Reference.html https://nvd.nist.gov https://github.com/nullfuzz-pentest/shodan-dorks https://packetstormsecurity.com/files/173984/WordPress-EventON-Calendar-4.4-Insecure-Direct-Object-Reference.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-2796

Vulnerability Summary

Vulnerability Trend

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect