CVE-2024-1053 in Event Tickets and Registration Plugin情報

要約

〜によって MITRE • 2024年02月22日

The Event Tickets and Registration plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'email' action in all versions up to, and including, 5.8.1. This makes it possible for authenticated attackers, with contributor-level access and above, to email the attendees list to themselves.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

責任者

Wordfence

予約する

2024年01月29日

モデレーション

承諾済み

エントリ

VDB-254444

EPSS

0.00396

アクティビティ

非常低い

セクター

Hostingprovider

ソース

Want to know what is going to be exploited?

We predict KEV entries!