The EventON WordPress plugin through 4.5.8, EventON WordPress plugin before 2.2.7 do not have authorisation in some AJAX actions, allowing unauthenticated users to update virtual events settings, such as meeting URL, moderator, access details etc
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: WPScan
Published: 2024-01-16T15:56:59.963Z
Updated: 2024-08-01T17:41:16.054Z
Reserved: 2024-01-04T14:28:08.685Z
Link: CVE-2024-0237
Vulnrichment
No data.
NVD
Status : Modified
Published: 2024-01-16T16:15:14.413
Modified: 2024-11-21T08:46:07.443
Link: CVE-2024-0237
Redhat
No data.