CVE-2024-0235
published 2024-01-16


Priority: P2 (78), medium
CVSS 3.1: 5.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Tags: ITW, exploit available, VulnCheck KEV
Exploited in the wild
EPSS: 37.96% (98.4th percentile)
The EventON WordPress plugin before 4.5.5 and the EventON (free) WordPress plugin before 2.2.7 lack an authorisation check in an AJAX action, allowing unauthenticated users to retrieve the email addresses of any users on the blog.

Affected (2 ranges)

Vendor      Product   Version range     Fixed in
myeventon   eventon   < 2.2.7           2.2.7
myeventon   eventon   >= 4.0, < 4.5.5   4.5.5

Detection & IOCs (extracted from sources)

url:     /wp-admin/admin-ajax.php?action=eventon_get_virtual_users
path:    /wp-content/plugins/eventon-lite/
path:    /wp-content/plugins/eventon/
command: POST /wp-admin/admin-ajax.php?action=eventon_get_virtual_users (body: _user_role=administrator)
  • Presence of the plugin paths '/wp-content/plugins/eventon/' or '/wp-content/plugins/eventon-lite/' in an HTTP response body indicates a potentially vulnerable EventON installation.
  • The exploit POST body uses '_user_role=administrator' with Content-Type application/x-www-form-urlencoded sent to the AJAX action; no authentication is required.
  • Vulnerable versions are EventON Free < 2.2.8 and EventON Premium < 4.5.5; the NVD entry lists the free branch boundary as < 2.2.7, while the WPScan template references < 2.2.8. Verify the exact patched version against the vendor advisory.
  • The Shodan fingerprint query references 'vuln:CVE-2023-2796', which appears to be a different CVE; treat that Shodan query with caution, as it may produce false positives or miss true CVE-2024-0235 targets.

CVSS provenance

nvd:       v3.1  5.3  MEDIUM  CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
vulncheck:       5.3  MEDIUM