Lucene search
WPScanCVELIST:CVE-2021-24146HistoryMar 18, 2021 - 2:57 p.m.
CVE-2021-24146 Modern Events Calendar Lite < 5.16.5 - Unauthenticated Events Export
2021-03-1814:57:50
CWE-284
WPScan
www.cve.org
0.026 Low
EPSS
Percentile
90.4%
Lack of authorisation checks in the Modern Events Calendar Lite WordPress plugin, versions before 5.16.5, did not properly restrict access to the export files, allowing unauthenticated users to exports all events data in CSV or XML format for example.
CNA Affected
[
{
"product": "Modern Events Calendar Lite",
"vendor": "Unknown",
"versions": [
{
"lessThan": "5.16.5",
"status": "affected",
"version": "5.16.5",
"versionType": "custom"
}
]
}
]Related
packetstorm
packetstorm
WordPress Modern Events Calendar 5.16.2 Information Disclosure
2021-07-02 00:00:00
zdt
zdt
nuclei
nuclei
prion
prion
Format string
2021-03-18 15:15:00
osv
osv
CVE-2021-24146
2021-03-18 15:15:15
wpvulndb
wpvulndb
Modern Events Calendar Lite < 5.16.5 - Unauthenticated Events Export
2021-01-29 00:00:00
wpexploit
wpexploit
Modern Events Calendar Lite < 5.16.5 - Unauthenticated Events Export
2021-01-29 00:00:00
cve
cve
CVE-2021-24146
2021-03-18 15:15:15
nvd
nvd
CVE-2021-24146
2021-03-18 15:15:15
exploitdb
exploitdb