CVE-2023-6203
The Events Calendar < 6.2.8.1 - Unauthenticated Arbitrary Password Protected Post ReadThe Events Calendar WordPress plugin before 6.2.8.1 discloses the content of password protected posts to unauthenticated users via a crafted request
We have discovered 17,958 live websites that are affected by CVE-2023-6203.
Affected Software
| Product |  The Events Calendar |
| Category | Wordpress Plugins |
| Vulnerable Domains | 17,958 live websites (19% of The Events Calendar install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 240 versions ( 71% of all versions) |
Common Weakness Enumeration
CWE-287 Improper AuthenticationDetails
- Published - Dec 18, 2023
- Updated - Aug 2, 2024
Credits
- Krzysztof Zając (CERT PL) (finder)
- WPScan (coordinator)
CVE References
CWE References
CWE
Website Distribution by Country
Number of websites using CVE-2023-6203 United States | 4,370 websites |
 Germany | 2,981 websites |
 France | 1,527 websites |
 Italy | 1,142 websites |
 GB | 813 websites |
 Spain | 684 websites |
 Netherlands | 536 websites |
 Canada | 430 websites |
 Poland | 342 websites |
 Switzerland | 285 websites |
Website Distribution by TLD
Number of websites using CVE-2023-6203| .com | 5,029 websites |
| .org | 2,377 websites |
| .de | 2,020 websites |
| .it | 823 websites |
| .fr | 705 websites |
| .nl | 490 websites |
| .co.uk | 379 websites |
| .net | 368 websites |
| .pl | 284 websites |
| .es | 279 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2023-6203
Top websites that are affected by CVE-2023-6203. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| *****************.com | United States | *,*** | |
| *****.**.uk | United States | **,*** | |
| ***.**.nz |  New Zealand | **,*** | |
| *************.fr | France | **,*** | |
| **************.org | United States | **,*** | |
| ***.hu |  Hungary | **,*** | |
| *******.**.il |  Israel | **,*** | |
| ****.edu | United States | **,*** | |
| ********.***********.com | United States | **,*** | |
| *******.com | United States | **,*** |
FAQ
CVE-2023-6203 is Improper Authentication in The Events Calendar
A total of 17,958 websites have been identified as vulnerable to CVE-2023-6203, based on global website indexing conducted by WebTechSurvey.
The The Events Calendar is affected by the CVE-2023-6203 vulnerability.
The Events Calendar versions up to 6.2.8.1 are vulnerable to CVE-2023-6203.
CVE-2023-6203 is resolved in version 6.2.8.1 of The Events Calendar.