cve/CVE-2024-0235.md at main

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-05 10:17:57 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

861 B

Raw Permalink Blame History

CVE-2024-0235

Description

The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve email addresses of any users on the blog

POC

Reference

https://wpscan.com/vulnerability/e370b99a-f485-42bd-96a3-60432a15a4e9/

Github

https://github.com/Cappricio-Securities/CVE-2024-0235
https://github.com/fkie-cad/nvd-json-data-feeds
https://github.com/nomi-sec/PoC-in-GitHub

861 B Raw Permalink Blame History

CVE-2024-0235

Description

POC

Reference

Github

861 B

Raw Permalink Blame History