CVE-2024-6033 in Eventin Pluginthông tin

Tóm tắt

Bởi MITRE • 17/07/2024

The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to unauthorized data importation due to a missing capability check on the 'import_file' function in all versions up to, and including, 4.0.4. This makes it possible for authenticated attackers, with Contributor-level access and above, to import events, speakers, schedules and attendee data.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Đặt trước

15/06/2024

Tiết lộ

17/07/2024

Kiểm duyệt

được chấp nhận

EPSS

0.00362

KEV

không

Các hoạt động

rất thấp

Nguồn

Do you need the next level of professionalism?

Upgrade your account now!