EventPrime < 3.3.6 – Unauthenticated Event Access | CVE 2023-6447 | Plugin Vulnerabilities

Description

The plugin lacks authentication and authorization, allowing unauthenticated visitors to access private and password protected Events by guessing their numeric id/event name.

Proof of Concept

1. Create a password-protected event or a private event then publish it.
2. Access to the URL on a private browser and you will be able to see the password-protected or private event.
3. https://www.example.com/index.php/event/{{EVENT-ID}}/

Affects Plugins

eventprime-event-calendar-management

Fixed in 3.3.6

References

CVE

Classification

Type

ACCESS CONTROLS

OWASP top 10

A5: Broken Access Control

CWE

Miscellaneous

Original Researcher

Miguel Santareno

Submitter

Miguel Santareno

Submitter website

https://miguelsantareno.github.io/

Submitter twitter

MiguelSantareno

Verified

Yes

WPVDB ID

e366881c-d21e-4063-a945-95e6b080a373

Timeline

Publicly Published

2023-12-29 (about 4 months ago)

Added

2023-12-29 (about 4 months ago)

Last Updated

2023-12-29 (about 4 months ago)

Other

Published

Title

Published

2021-10-18

Title

QR Redirector < 1.6 - Subscriber+ Arbitrary QR Redirect Response Status Update

Published

2022-06-28

Title

Custom Product Tabs for WooCommerce < 1.7.8 - Unauthenticated Toggle Content Setting Update

Published

2021-01-13

Title

Elementor Contact Form DB < 1.6 - Unauthenticated & Unauthorised Form Submissions Export

Published

2020-08-04

Title

The Official WordPress Facebook Chat Plugin < 1.6 - Authenticated Options Change to Chat Takeover

Published

2021-08-23

Title

OMGF < 4.5.4 - Subscriber+ Arbitrary File/Folder Deletion