CVE-2024-5333
The Events Calendar < 6.8.2.1 - Unauthenticated Password Protected Event Disclosure
The Events Calendar WordPress plugin before 6.8.2.1 is missing access checks in the REST API, allowing for unauthenticated users to access information about password protected events.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected products
Unknown · The Events CalendarWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →